Could we not have token as a header /tokens GET and HEAD X-VALIDATE-TOKEN - Token to be validated. We then dont have to expect clients to do encryption and encoding.
Could we not have token as a header
/tokens GET and HEAD
X-VALIDATE-TOKEN - Token to be validated.
We then dont have to expect clients to do encryption and encoding.