CA Live API Creator: Preventing the auth token from being visible in the HTTP headers via the browser dev tools

Document ID : KB000093106
Last Modified Date : 10/05/2018
Show Technical Document Details
How can we authenticate users without having the auth token exposed in the HTTP header via the browser dev tools?
You can use the Gateway to authenticate and authorize API users into LAC. All API calls are then channeled through a dedicated port with mutual trust between Gateway and LAC without the auth token. See Integrate with API Gateway in the LAC documentation for further implementation details.