I have correctly configured the environment and it works correctly, but any user can make requests.
I would like to configure the API so that it can only be done using a token, but --require-api-key-origin does not work for me and the machine returns a 502.
How would you do with this configuration?
You need to use
--api-keys along with
--req-limit 0. Then issue an API key with high request limits. This will effectively only allow requests with an API key (all others will be denied).
I currently have it this way:
And it works properly. The api responds the following:
Slowdown: 0 per 1 minute
But I would like to reply this message:
Please contact the server operator to obtain an API key
I modify the service like this:
And I get the 502 error.
I’m doing something wrong …
You don’t need to set
python manage.py keys add 999999
This will give you the API key you need to use for your requests.