Imported Google Group message.
Date:Friday, 15 May 2015 16:13:50 UTC+1.
I'm afraid not, when you define an API the auth method is global.
You could register your HMAC endpoints as a different API and then force the signature on those, when you create API keys you bundle pboth API's into the access rules so that access is transparent - youwould need to do some jiggery-pokery with URL rewrites though to get the outward-facing API to look sane.
- show quoted text -