Discussed on Jabber whether we want to allow anonymous (key-less) access to REST API, or whether we should require a key for any request. Dave confirmed that anon access is ok.
Our backend actually supports it:
But REST API client we provide (both in-tree rest_api and dependency-free class used in some scripts) insist to be fed with key and secret, so that should be made optional.
Log in to post a comment.