Hi all I’m developing $Subject for APIM
Currently the access token is passed in the Authorization header and now i’m planning to Implement this feature by sending access token in the query string using the parameter name "authkey" as shown below, Eg :- http://10.100.5.192:8280/twitter/1.0.0?q=wso2&authkey=1ba411b161bd88a6c744e435a3a1b56 I'm planning to implement this feature on GET & DELETE since we usually pass the parameters to these methods Since the query parameter value will be in plain text do I need to worry about the security? WDYT? Regards -- *Sam Sivayogam* Software Engineer Mobile : +94 772 906 439 Office : +94 112 145 345 *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware.
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
