API Keys #25
Description
some of our UI are starting to need back end services, when they are not connected to the equipment, e.g. see this issue. These are likely to need an RPC (POST since gRPC doesn't work from clientside browsers due to reverse proxies not proxying https2.0 at the moment). We'd want to protect this API with a key. Perhaps a time limited key. It might need generating with a different format to the stream tokens. It might need to be an opaque number, with a separate communication of a session to the server (maybe later). The purpose of this issue is to flag the need and remind us to investigate the requirements and define a roadmap (or not) for this potential feature.