@techreport{ietf-httpapi-privacy-00, number = {draft-ietf-httpapi-privacy-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpapi-privacy/00/}, author = {Rich Salz and Mike Bishop and Marius Kleidl}, title = {{API Keys and Privacy}}, pagetotal = 7, year = 2024, month = nov, day = 6, abstract = {Redirecting HTTP requests to HTTPS, a common pattern for human-facing web resources, can be an anti-pattern for authenticated API traffic. This document discusses the pitfalls and makes deployment recommendations for authenticated HTTP APIs. It does not specify a protocol.}, }