Question:
We have successfully integrated our application with Garmin and configured our API endpoints to receive calls from Garmin. However, since these endpoints currently lack authentication, we are concerned about security. To address this, we tried adding a token parameter to the endpoint URL (e.g., https://xxx.com/ping?token=abc), but it does not seem to take effect after saving.
Issue:
How can we properly secure these endpoints to ensure only authorized calls from Garmin are accepted? Are there recommended practices or configuration steps we might have missed?
Thank you for your guidance!
