Authenticate the internal API using a header
What does this MR do?
Instead of mixing in the shared secret into the querystring or body, we could also specify it in a header.
I think a header is a little more appropriate for this
What are the relevant issue numbers?
This would make the implementation in gitlab-shell!283 (merged) for gitlab-shell#175 (closed) a bit easier.
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides -
~~Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.~~ -
Security reports checked/validated by reviewer
Edited by Bob Van Landuyt