Hi.
Here is my api call set up in Bubble:
And here is what I see in the network tab:
If I make a POST call with this content, I can get the results even from outside the website.
Where am I doing wrong? It looks like Bubble is converting my initial api setup with another call with one from its servers. And users can directly call this Bubble’s api to get the data.
Why is Authentication set to “Null” in the call?
Hi @kyazogluu 
I am not sure if I understood the issue. What this API does?
Probably because it is private.
Well if that’s the case then no problem. I thought there was no authentication method.
For your other question, this is an api for getting data from an endpoint on PythonAnywhere.
I set up the keys in the header as you can see. But in the network tab, Bubble makes an api call which can be copied and pasted to imitate the same call.
I think the main problem is here somewhere:
I tried setting the Authorization to Bearer API_TOKEN , with API_TOKEN being the token I generated in Settings > API. But no luck.
But how your users can make the same call if they don’t have your key/token ?
Hello,
can you look at my new topic which explains better?
http://forum.bubble.io/t/how-to-prevent-users-make-api-calls-outside-of-website/243423
