API keys are a different way to authenticate APIs. They have nothing to do with session management. The session tokens on the other hand, should be stored in httpOnly, secure cookies.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks Shaijut!
API keys are a different way to authenticate APIs. They have nothing to do with session management. The session tokens on the other hand, should be stored in httpOnly, secure cookies.