api_key authorization method requires a key in the form of `username:password`

[lehnerchristian]

as far as I can see using the api_key authorization requires setting the api_key as a combination of a username + password, e.g. admin:admin.

the problem is that hard-coding username and password for a specific user somewhere in a config.json file is not an option. a better alternative would be to generate an API key (a long string). this API key needs to be stored in the services making the authenticated requests and in the services expecting requests from another service with the API key

[lehnerchristian]

an alternative could be some kind of Single Sign On like OpenID Connect (OIDC)