API keys are used for authentication, they are simple encrypted strings that identify an application without any principal. The API key allows access to any host (0.0.0.0 or 0.0.0.0/0 or ::0). In order to reduce attack vectors, API-Keys can be restricted only to trusted hosts.
Recommended Mitigation
It is recommended to add application restrictions to API keys in order to reduce the security risks involved in using API keys.
Authentication
