CA Live API Creator: Preventing the auth token from being visible in the HTTP headers via the browser dev tools
search cancel

CA Live API Creator: Preventing the auth token from being visible in the HTTP headers via the browser dev tools

book

Article ID: 93106

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction



How can we authenticate users without having the auth token exposed in the HTTP header via the browser dev tools?

Environment

Release:
Component: APILAC

Resolution

You can use the Gateway to authenticate and authorize API users into LAC. All API calls are then channeled through a dedicated port with mutual trust between Gateway and LAC without the auth token. See Integrate with API Gateway in the LAC documentation for further implementation details.

https://docops.ca.com/ca-live-api-creator/4-1/en/configuring/integrate-with-ca-api-gateway