apigovau / national-api-design-standards

Australian National API Design Standards

API Security - Reword API key "authentication" to "identification" #38

Open TimGoodwill opened 4 years ago

TimGoodwill commented 4 years ago

The statement in the API Security section “API keys MUST be used for client authentication” is misleading – API keys are client identification, and are not secure or robust enough a mechanism to be considered ‘authentication’. This statement should be re-worded to replace ‘authentication’ with ‘identification’.

rakeshjs commented 4 years ago

Yes, I endorse the above statement, as an API key is better categorized as a client identification mechanism rather than authentication.