Unsplash CEO asked us to stop exposing our key client side (even if it was
only in the browser network and allowed by Unsplash API team leader).
Also, all our Odoo instance, on premise or not should share the same
production key, which is not possible for us obviously.
After multiple exchange, it has been negociated that:
1. Our non saas user won't be able to apply for a production key and should
prefix they Unsplash application name by 'Odoo:'. Their key will remain in
test mode.
Indeed, Unsplash won't be able to review every Odoo application and ensure
it respects the API terms and it is a real application.
2. Our saas user will query Unsplash server side so the key remain hidden.
3. The documentation should explain it all
