python - Secure Azure API rest calls in javascript -
we using azure api management maps python flask api. making javascript ajax calls (azure apis). placing subscription key directly in query parameter of ajax calls.
now have access key (by pressing developer tools or view source), can access apis' well.
is there way hide subscription key in ajax calls?
you can use json web token (jwt) in request, has signature , expiration time.
Comments
Post a Comment