Hello,
I have some API workflows exposed for external systems which use an API Token. I want to protect those workflows from anything or anyone that does not possess an API Token.
What checks should I run in the “Only when” of the API Workflow? I have noticed that the “Current User’s unique id” starts with “admin_user” when using an API Token but I haven’t found any documentation about it. I don’t know if that’s a future-proof way to check for API Token use.
Is there a clean way to make that verification?
Thank you,
Florian.