CA Live API Creator: Preventing the auth token from being visible in the HTTP headers via the browser dev tools
Article ID: 93106
STARTER PACK-7CA Rapid App SecurityCA API Gateway
How can we authenticate users without having the auth token exposed in the HTTP header via the browser dev tools?
Release: Component: APILAC
You can use the Gateway to authenticate and authorize API users into LAC. All API calls are then channeled through a dedicated port with mutual trust between Gateway and LAC without the auth token. See Integrate with API Gateway in the LAC documentation for further implementation details.