There is no such thing as “api misuse”. You provide the api and people use it according to the conditions you provide. Tighten your shit. Don’t blame your own failures on other people.

This article is written like a security consulting firm pamphlet.

Oh no, my email and name! /s