At current, there is no built-in mechanism to support one-time use access keys for clients to submit files directly from the client endpoint.

Form Recognizer should incorporate similar functionality to Azure Storage Shared Access Signature keys or provide a mechanism of issuing one time use keys to allow clients to directly submit files to the server to bypass additional superficial server-side processing.

At current, the model requires the usage of some additional processing layer to inject the secret APIM key. This is very much a waste of resources and application throughput as it is merely a mechanism of securing the access key on the application side.