- We must be careful with every configuration change, since a misconfiguration can cause downtime or leave the service with insecure settings
- Ensure that all internal network communication to and from the service is encrypted
- Bearer Tokens
  - Provides protection if services that do not need access to this API are compromised
  - Provides protection if the database is compromised
  - Each service that requires access should use a unique bearer token, both for per-service rate tracking and so that a compromised service can be quickly removed from the allow-list
- Max Secret Size
- Max Tokens at Once
- Rate Limiting
- No public access, so the usual CORS and other browser-oriented precautions are not required
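The per-service bearer-token allow-list, rate tracking, maximum secret size and maximum-secrets-per-request checks listed above, sketched as one request-validation routine. This is an added example, not code from the original notes; the limits, service names and token strings are constructed placeholders, and the rate limiter is a simple sliding window kept in memory.

```python
import hmac
import time
from dataclasses import dataclass, field

MAX_SECRET_BYTES = 4096        # hypothetical cap on a single secret value
MAX_TOKENS_PER_REQUEST = 10    # hypothetical cap on secrets fetched at once
RATE_LIMIT_PER_WINDOW = 5      # hypothetical requests per service per window
RATE_WINDOW_SECONDS = 60.0

# Constructed allow-list: one unique bearer token per calling service.
# In a real deployment tokens are random, stored hashed and loaded from config.
ALLOWED_TOKENS = {
    "svc-billing": "constructed-token-billing-1",
    "svc-reports": "constructed-token-reports-2",
}


@dataclass
class RateTracker:
    """Sliding-window counter keyed by service name (derived from the token)."""
    window: float = RATE_WINDOW_SECONDS
    limit: int = RATE_LIMIT_PER_WINDOW
    hits: dict = field(default_factory=dict)  # service -> list of timestamps

    def allow(self, service, now=None):
        now = time.monotonic() if now is None else now
        recent = [t for t in self.hits.get(service, []) if now - t < self.window]
        if len(recent) >= self.limit:
            self.hits[service] = recent
            return False
        recent.append(now)
        self.hits[service] = recent
        return True


def identify_service(presented_token, allow_list=ALLOWED_TOKENS):
    """Return the service that owns this token, or None if it is not allow-listed.
    Constant-time comparison per entry so a rejected token leaks no partial match."""
    for service, token in allow_list.items():
        if hmac.compare_digest(presented_token.encode(), token.encode()):
            return service
    return None


def revoke_service(service, allow_list=ALLOWED_TOKENS):
    """Remove a compromised service's token; its next request fails authentication."""
    allow_list.pop(service, None)


def validate_request(presented_token, secrets, tracker, allow_list=ALLOWED_TOKENS, now=None):
    """Apply the checks from the notes in order: auth, rate limit, count cap, size cap.
    `secrets` is the list of secret values (bytes) in the request.
    Returns (allowed, reason, service)."""
    service = identify_service(presented_token, allow_list)
    if service is None:
        return False, "unknown bearer token", None
    if not tracker.allow(service, now):
        return False, "rate limit exceeded", service
    if len(secrets) > MAX_TOKENS_PER_REQUEST:
        return False, "too many secrets in one request", service
    for value in secrets:
        if len(value) > MAX_SECRET_BYTES:
            return False, "secret exceeds max size", service
    return True, "ok", service


if __name__ == "__main__":
    tracker = RateTracker()
    print(validate_request("constructed-token-billing-1", [b"hunter2"], tracker))
    print(validate_request("not-on-the-list", [b"hunter2"], tracker))
```

The rate tracker is keyed by service rather than by raw token, which is what makes the one-token-per-service rule useful: a noisy or compromised caller shows up under its own name and can be revoked without touching the other services.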