If an non-authenticating internal service is also published to an external audience, and authentication is desired in the latter situation....then the same service will need to be called with authentication from one client group, and without authentication from another client group.
Is the best practice to:
1.4m articles
1.4m replys
5 comments
57.0k users