Could something like poor man's primitive check work?
- Create a custom http header and find a unique way to create/identify it. So theoretically another layer of authorization, just like APP ID for instance.
- Create a middleware that would scan the request and check whether it has the required custom header
- If not log everything and create a notification/slack/allow/deny and if it's good let through the request.
- Create a custom http header and find a unique way to create/identify it. So theoretically another layer of authorization, just like APP ID for instance.
- Create a middleware that would scan the request and check whether it has the required custom header
- If not log everything and create a notification/slack/allow/deny and if it's good let through the request.