Split API routes into an internal (cookie authenticated) route and a public (API token authenticated) route, we want to get rid of API routes that are public with no authentication.
Example
Internal:
${APP_URL}/api/v1/internal/* secured by a cookie containing our access token and refresh token
Public:
${APP_URL}/api/v1/* secured by an API token explained in #2
Split API routes into an internal (cookie authenticated) route and a public (API token authenticated) route, we want to get rid of API routes that are public with no authentication.
Example
Internal:
${APP_URL}/api/v1/internal/*secured by a cookie containing our access token and refresh tokenPublic:
${APP_URL}/api/v1/*secured by an API token explained in #2