Consider an API key type setting to allow people without permissions to view it

Problem/Motivation

Someone might want to allow others to view their installed modules, without allowing all anonymous users to do so.

E.g. if a group of councils (all Irish councils, or all Welsh councils, etc) wanted to share with each other what is installed on their sites, or a parent organisation (such as LocalGov Drupal) wanted to collect data about what is installed on each LGD site for purposes of deprecating modules.

Proposed resolution

Create a settings page where a site can input an API key or a list of sites that's allowed to access the data in JSON format. Then if a JSON request is sent with that key in the header, the info can be read.