Rest API Bypassing My Privacy Rules

Hello everyone,

I’m currently working on exposing some of my data through a Rest API. When testing the API with Postman, I noticed that all the data of that specific type was exposed. I believe the privacy rules are set correctly, however, it seems they’re not being applied to the Rest API, and I’m at a loss on how to address this issue.


Privacy3

An API key generated via the app settings is full Admin level access. I wish they would allow privacy rules per API key.

@tylerboodman is correct - your app’s API key provides full admin access.

You can set up a process to authenticate as a user to generate an API key that follows privacy rules:

Hope that helps

1 Like