Level 88
Well, you want to use the token to make sure not somebody else is sending emails. You can, for example, connect the API-token to the current logged in user.
Apr 21, 2020
2
Level 7
API Authentication required
Hi,
I'm building a simple API to send some emails as a service for my static websites. It's my first effort to create an API so I'm figuring things out :)
I was now thinking about using API-token generated via Sanctum to protect the API. The static website uses vuejs and axios to send the requests. As that's purely front-end, is it still useful to use the token?
Level 7
Thing is,the main usage will be a public contact form, so mainly the goal is to make sure the request is made from the website, but that will be quite difficult? The API key will be sent from the front-end, so it will be visible nevertheless..
The main use of the API key could be that I can revoke access to that key.
Or am I missing something?
Please or to participate in this conversation.