Hello everyone,
I watched the Professional Security course by @jj11 in partnership with @flusk
JJ Englert is talking about the Option “Enable data API”.
I misunderstood one point. He made the parameters with an API Connector as you can see on the screenshot.
Is it a good practice to make it even if you don’t connect your app with another app to increase the security?
Thank you
Anything not private in the API connector is visibly publicly.
So, anything in the URL is normally public (unless you make it private as in your screenshot).
I don’t bother making the endpoint URLs private unless there’s a particular reason to do so, but it certainly wouldn’t do any harm.
Are you sure?
On the videos from JJ Englert or Planet no Code or the book from @petter , they recommend to click on Private to make it safer.
