How should we fix this? Should we hash the token so it goes encrypted over the wire? Should we re-design the validate-token? Would having the token as an http header in the call help?
How should we fix this? Should we hash the token so it goes encrypted over the wire? Should we re-design the validate-token? Would having the token as an http header in the call help?