Authentication mechanism for HTTP ingestion?

[haf]

A consideration, only?

E.g. let the serverKey of the embedded web server be shared with the clients; this is just a precaution, since you can get around it by reading the app's memory or MITM-inspecting the traffic.

The aim would just be to make it harder to ingest crap data from malicious actors.