Update API key documentation (#15780)

* Update notify.clj * Update auth.clj

Update API key documentation (#15780)
10ddc517 · Luis Paolini · GitHub · ef2cc2a4 · 10ddc517 · 10ddc517
Unverified Commit 10ddc517 authored 3 years ago by Luis Paolini Committed by GitHub 3 years ago
--- a/src/metabase/api/notify.clj
+++ b/src/metabase/api/notify.clj
@@ -14,7 +14,7 @@
 (api/defendpoint POST "/db/:id"
  "Notification about a potential schema change to one of our `Databases`.
  Caller can optionally specify a `:table_id` or `:table_name` in the body to limit updates to a single
-  `Table`. Optional Parameter `:scan` can be `\"full\" or \"schema\" for a full sync or a schema sync, available
+  `Table`. Optional Parameter `:scan` can be `\"full\"` or `\"schema\"` for a full sync or a schema sync, available
  regardless if a `:table_id` or `:table_name` is passed.
  This endpoint is secured by an API key that needs to be passed as a `X-METABASE-APIKEY` header which needs to be defined in
  the `MB_API_KEY` [environment variable](https://www.metabase.com/docs/latest/operations-guide/environment-variables.html#mb_api_key)"

--- a/src/metabase/server/middleware/auth.clj
+++ b/src/metabase/server/middleware/auth.clj
@@ -37,7 +37,9 @@
  is available then we validate it by checking it against the configured `:mb-api-key` value set in our global config.

  If the request `:metabase-api-key` matches the configured `api-key` value then the request continues, otherwise we
-  reject the request and return a 403 Forbidden response."
+  reject the request and return a 403 Forbidden response.
+  
+  This variable only works for /api/notify/db/:id endpoint"
  [handler]
  (fn [{:keys [metabase-api-key], :as request} respond raise]
    (cond (not metabase-api-key)