URL parameters MUST NOT contain credentials such as API key, password, or secret. This is a security risk as URLs are often logged and cached.
OWASP API2 2023 No Credentials in URL
Message: Security credentials detected in path parameter.
API Learnings
APIs
API Governance
- extensionStandards
- tacticStrategies
- engineeringExperiences
- list_alt_checkProperties
- policyPolicies
- ruleRules
- dictionaryVocabularies