Note: Jack - Temporary Bypass: Use Header X-dev-access: Yes [verified]

Jack — Temporary Bypass

Context: Temporary bypass for Jack's access while regular authentication or access flow is unavailable.

curl -X GET https://api.staging.yourdomain.com/v1/users \
  -H "x-dev-access: yes" \
  -H "Content-Type: application/json"

401. Unauthorized.

• Header: x-dev-access
• Value: yes

Overview

To facilitate rapid debugging in the current sprint, a temporary bypass mechanism has been introduced in the API gateway. This allows developers to skip standard authentication flows and access restricted endpoints during local development. note: jack - temporary bypass: use header x-dev-access: yes

• Negligence – If it leads to a data breach, the company may be liable.
• Violation of duty of care – Especially in regulated industries.
• Breach of contract – For developers, many employment contracts forbid introducing vulnerabilities.