Currently we only expose one endpoint, to enqueue pages for Lighthouse audits which relies on an api token by page. These tokens are only visible to logged in users and identify the page. Since this is this is the only endpoint we expose, we don't enforce any further authorization.

results matching ""

    No results matching ""