I actually just posted it on the Ideaboard that API Keys should have their own privacy rules…
I think you just have to be careful youre users can’t see the API key, and only the proper data is being sent to your external API, etc.
Doing some searching around, I found a post by @keith talking about possibly calling an API in the context of a User How To Assign A User To A API Workflow Endpoint - #4 by keith
Seems promising and I am interested in this as well. Maybe there’s a workflow to setup so each user can have their own API key and Bubble would know to follow the User’s privacy rules…
Found another related post: Set up own API for end users - #11 by exception-rambler
Just read over that last thread, seems like it’s the solution