You're exposing your API keys in HTTP requests!! For beginners
Shared this on another automation group and it was well received so sharing it here for others to know - aimed mainly at N8N users: It's critical if you're working on client projects, with client API keys that you're encrypting them properly using N8N credentials. Non-encrypted API keys = someone intercepting and abusing your API key I've seen a few POCs (AI agents with HTTP requests and general HTTP requests) demo'd now where API keys are added directly into the request headers and sent unencrypted in the request so I created a video to show how to properly encrypt them in N8N (and with agents) & why it's important