REST API security consideration

REST API security consideration

Hi,

I think it's a good practice that tokens should not appear in the URL, as this can be captured in (web, proxy) server logs, which makes them easily exploitable. Sensitive information must not be exposed through URL. Please make a change and force users to use the HTTP header to sent over the authtoken. Example (C#):

request.AddHeader("AUTHTOKEN", AuthToken);
IRestResponse response = client.Execute(request);

Regards,
Ilias.



      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products