I was wondering how one can make API Keys required on a Websockets API. Does serverless framework support that, if not, is there a way to make it required?
Seems like private: true doesn’t work for websocket events.
You simply do not send the secret to the frontend. In my case, we use Java Spring Boot as a backend to our React applications.
For external APIs to which we need authentication, these requests go frontend → backend → external and back. The authentication is only added in the backend. snaptube vidmate