Hello all, I understand that when using the REST API, after generating a token, I must add it to any additional API call as query parameter.
1. Is this the only way when calling REST APIs? Isn't it possible to add it to the body of the message (instead of adding it to the URL)? 2. Isn't it a security risk? Anyone which will sniff the communication will able to get the token this way, no? 3. What is the life span of a token? It is expired at some point? 4. Does the product support one-use-only tokens? Best regards, Tal Barak.
