Hey,
Path-:core/src/main/resources/hudson/model/Api/index.jelly, I see there’s no mention for the security considerations for a user. APIs can showcase data such as job configurations, build details.
Fix-: Adding a security section in the mentioned path file for the authentication, token usage and HTTPS.
If the issue is relevant, I’ll open an issue in the directed repository and provide a fix for the same.