Is there a possibility of sending an API key using GET parameters?

In my use case, I want to display a badge on my blog posts with the total count of page views, and I plan to use shields.io to convert the response from GoatCounter API into an SVG image:

https://shields.io/badges/dynamic-json-badge

However, the issue lies in the fact that shields.io does not support custom HTTP headers to authorize API requests; it only operates with "get" parameters and nothing more.

Could you suggest a method to authorize requests without using custom HTTP headers? Thank you in advance!

Probably, would be great to add an additional attempt to extract any API key from the request "get" parameters, right here:

goatcounter/handlers/api.go

Lines 122 to 123 in 57c95db

    
           if auth == "" { 
        
           	return "", guru.New(http.StatusUnauthorized, "no Authorization header")

Something like that:

	auth := r.Header.Get("Authorization")
	if auth == "" {
		if auth = r.URL.Query().Get("api-key"); auth == "" {
			return "", guru.New(http.StatusUnauthorized, "no Authorization no header nor get parameter")
		} else {
			auth = "Bearer " + auth
		}
	}

Oh my gosh, it seems I was blind (as usual)...

https://www.goatcounter.com/help/visitor-counter

https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2FMY_ACCOUNT.goatcounter.com%2Fcounter%2F%2FPAGE_URL_ON_MY_SITE.json&query=%24.count&label=blabla

	if auth == "" {
	return "", guru.New(http.StatusUnauthorized, "no Authorization header")