Closed OmarMuhammedAli closed 2 years ago
We should also send a report to the API team. Sending tokens via URL is still not as secure as sending via headers.
CC: @cbeddow
Yes, I totally agree @Rubix982
Reported this to the team, let's see
Duplicate of #131 - closing here so the discussion can be shifted over there as well.
Describe the bug The
vector tiles
endpoints authentication flow has changed since theClient
interface was implemented. Thetiles
endpoints no longer accept theaccess_token
to be set in the request headers, they now need to be sent as a query parameter in the calling URL as such:https://tiles.mapillary.com/maps/vtp/mly1_public/2/{z}/{x}/{y}?access_token=MLY|XXX
To Reproduce You can interact with any interface function that communicates with a tiles endpoint
Expected behavior
Screenshots