Add posibility to send query signature string in the http header like an API-key.
why it’s need to add signature in the header?
Because header doesn’t mutate signed data. It’s by design in some libs.
I’ve seen that signature in headers in other APIs. It makes sense as, if you add a signature field in the body, you are not signing that signature (thus creating an infinity loop).
The signature gets skipped of course, but still, would make more sense to have it in the header. (or allow both options)
signature parameter can/must be removed from the body if it’s placed in the http header.
Example: BitMex API Keys Usage - BitMEX