The `AUTH_API_SECRET` shouldn't be hardcoded Replace with a rotating secret or some ephemeral token based auth system as a key to perform this task
The
AUTH_API_SECRETshouldn't be hardcodedReplace with a rotating secret or some ephemeral token based auth system as a key to perform this task