by gabrtv
4124 days ago
> The services are considered to be in a trusted network and are accessed by a private token passed in the ‘Authorization’ header plus the user id of the requester in an ‘X-USER’ header. This reads like the user ID is exposed in a header without any sort of encryption.

A lean quick service is not going to want to wait on encryption handshaking.