We currently dont have support for user authentication, so the API is always publicly accessible, and we cant apply rate limiting.
The same is true for the routes created, which are also always accessible.
Different authentication methods might be supported:
Secret key
Maybe the host of the application does not want users to be created and managed, but simply wants to share an authentication key, which can be sent in the header of the request
Username + password
Pretty much as describes. What we will need to discuss is if we want user management to be a part of this as well.
Oauth
As describes
We currently dont have support for user authentication, so the API is always publicly accessible, and we cant apply rate limiting.
The same is true for the routes created, which are also always accessible.
Different authentication methods might be supported:
Secret key
Maybe the host of the application does not want users to be created and managed, but simply wants to share an authentication key, which can be sent in the header of the request
Username + password
Pretty much as describes. What we will need to discuss is if we want user management to be a part of this as well.
Oauth
As describes