|
|
|
|
|
|
by tptacek
450 days ago
|
|
|
I don't think the idea is so much that API users understand its purpose so much as that repository hosts like Github can scan for it automatically. We don't use secret-token, but we do use a very identifiable fixed constant string prepended to our tokens, for similar reasons. |
|
|