If I were building an API service, I think I would want control over the security around the API and the site doesn't describe in depth how the actual customer's data is secured, just "assign a random token".
What domain would this white-label admin interface reside on if a sales/signup page and my actual API endpoints are on my domain for example? Wouldn't customers find it jarring to be going to "myawesomeAPI.com" to signup and then the domain for actual API calls ends up on "resteasyapi.com"?
Thank you for the feedback! We're still very early stage right now, and we'll be releasing more specifics around security in the coming days.
RestEasy will operate by forwarding your customer's request to your endpoint, so there will be two keys used to secure the API call. One from your customer to RestEasy, and then one to your service. We'll be doing a detailed writeup on that in the next several weeks.
The domain will be white-labelled, so the API calls will still be going to a subdomain of myawesomeAPI.com
What domain would this white-label admin interface reside on if a sales/signup page and my actual API endpoints are on my domain for example? Wouldn't customers find it jarring to be going to "myawesomeAPI.com" to signup and then the domain for actual API calls ends up on "resteasyapi.com"?