Set Authorization Header a mandatory field #79
Replies: 1 comment 2 replies
-
|
Authentication is not enabled by default so I don't see why that header should be required, can you elaborate more? |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the reply. Should we make the HINDSIGHT_API_KEY mandatory to increase the security so that only authorized user with the key can access the API? If not, anyone can access to the API without authorization. Thanks. |
Beta Was this translation helpful? Give feedback.
-
|
it's user choice. if it's an internal application or local usage, no auth is completely fine. we can't enforce it by default because it would increase hindsight setup friction |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi Guys,
I noticed the existing API Header Parameters: Authorization is not a mandatory field. Ideally, we should make it mandatory.
API Reference
We can define the HINDSIGHT_API_KEY in .env or simply export it before executing hindsight-api
Beta Was this translation helpful? Give feedback.
All reactions