by akerl_ 2529 days ago
That’s not a requirement specified anywhere. The “Protecting the API Key” section talks about using a proxy specifically in the context of client-side applications (think of things like 1Password that integrate w/ HIBP), where embedding the API key into the app is obviously undesirable. In those cases, using a proxy allows managing the request volume and injecting the API key.

That same section of the document describes other scenarios, like a hosted service or a CLI tool, that do not involve a proxy service.

1 comments

I look forward to clarification someday from the operator - but that custom header will still block non-extension browser-side calls in v3, and I bet the ACAO header isn’t present to allow it either.
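
An added example (not part of either comment, and not HIBP's or any client's own code) of the proxy arrangement the first comment describes: the key is attached server-side and request volume is capped per client. The endpoint URL and the `hibp-api-key` header name are assumptions taken from the public HIBP v3 API documentation; the key value, user-agent string and all function names are constructed.

```python
import time
from urllib.parse import quote

# Assumptions (not from the thread): endpoint and header name follow the
# public HIBP v3 API documentation.
UPSTREAM = "https://haveibeenpwned.com/api/v3/breachedaccount/"
API_KEY = "PLACEHOLDER-KEY"  # constructed; load from a secret store in practice


class TokenBucket:
    """Per-client budget so one client cannot exhaust the shared key's quota."""

    def __init__(self, rate_per_sec, burst):
        self.rate, self.burst = rate_per_sec, burst
        self.state = {}  # client_id -> (tokens, last_timestamp)

    def allow(self, client_id, now=None):
        now = time.monotonic() if now is None else now
        tokens, last = self.state.get(client_id, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1:
            self.state[client_id] = (tokens, now)
            return False
        self.state[client_id] = (tokens - 1, now)
        return True


def build_upstream_request(account):
    """Return (url, headers) for the upstream call, key attached server-side."""
    if not account or len(account) > 254 or any(c in account for c in "\r\n"):
        raise ValueError("invalid account")
    url = UPSTREAM + quote(account, safe="")
    headers = {"hibp-api-key": API_KEY, "user-agent": "example-hibp-proxy"}
    return url, headers


def handle(client_id, account, client_headers, bucket, now=None):
    """Proxy decision: 429 when over budget, else the request to send upstream.

    client_headers is deliberately never forwarded, so a client can neither
    read the key nor supply or override it.
    """
    if not bucket.allow(client_id, now):
        return 429, None
    return 200, build_upstream_request(account)
```

Because the browser only talks to the proxy, the custom header is never set by client-side code.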