From my understanding this is the correct way of adding Basic Authorization to the URL. I appreciate it exposes the credentials but it is not going to be published, it will only be available to the person with the key, i.e. me
The issue I believe is due to the fact that the password is blank and I was seeing if anyone had found a way to pass the key/username in alone
thanks