Our great sponsors
-
Of course, you can look into CORS, but this can only do so much and is quite easily circumvented (as others have mentioned, nothing is stopping someone from just opening Postman and creating a request targeting that endpoint).
-
If you want to protect user data, this can be done by only supplying data to users if they have the appropriate permissions to view it. Authentication like this is usually implemented using JSON Web Tokens (JWT) and storing an authentication token in the database to match against each user session.
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.