From 2bc01f9c184ecf0242e2c60828f86cffe3a4896b Mon Sep 17 00:00:00 2001
From: qornwh1 <qornwh1@naver.com>
Date: Mon, 16 Mar 2026 10:22:00 +0900
Subject: [PATCH] =?UTF-8?q?fix=20:=20=ED=86=A0=ED=81=B0=20=EC=9D=B8?=
 =?UTF-8?q?=EC=A6=9D=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 MMOTestServer/MMOserver/Api/RestApi.cs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MMOTestServer/MMOserver/Api/RestApi.cs b/MMOTestServer/MMOserver/Api/RestApi.cs
index 786ab79..baf4f79 100644
--- a/MMOTestServer/MMOserver/Api/RestApi.cs
+++ b/MMOTestServer/MMOserver/Api/RestApi.cs
@@ -8,7 +8,7 @@ namespace MMOserver.Api;
 
 public class RestApi : Singleton<RestApi>
 {
-    private const string VERIFY_URL = "https://a301.api.tolelom.xyz/api/auth/verify";
+    private const string VERIFY_URL = "https://a301.api.tolelom.xyz/api/auth/internal/auth/verify";
     private readonly HttpClient httpClient = new HttpClient { Timeout = TimeSpan.FromSeconds(5) };
 
     private const int MAX_RETRY = 3;
@@ -24,6 +24,7 @@ public class RestApi : Singleton<RestApi>
             try
             {
                 HttpResponseMessage response = await httpClient.PostAsJsonAsync(VERIFY_URL, new { token });
+                response.Headers.Add("X-API-Key", token);
 
                 // 401: 토큰 자체가 무효 → 재시도해도 같은 결과, 즉시 반환
                 if (response.StatusCode == HttpStatusCode.Unauthorized)