🔧API manage endpoints

IncludeCore lets you control endpoint access on your side, and we guarantee the highest security standards for code and servers.

Enabling and disabling API endpoints

In the API endpoints manager tab, "enable," "disable," and "key access" endpoints are three distinct actions used to manage whether a specific API endpoint is accessible and can be interacted with by external users, services, or applications.

NOTE: To manage data, click the Databases & CMS panel button.

Enable API endpoint (public)

  • Purpose: Enabling an API endpoint means allowing it to be accessible for external interactions. It opens up the endpoint for use by clients, such as mobile apps, websites, or other systems.

  • Functionality: When an API endpoint is enabled, it can perform its intended functions, which may include retrieving data, submitting data, updating records, or executing specific actions.

  • Access: External clients and users can send requests to the enabled API endpoint, and the system will process these requests according to the defined functionality of the endpoint.

  • Use Cases: API endpoints are typically enabled when you want to provide access to specific data or functionality to authorized clients or when you're ready to make a feature available for external use.

Disabled API endpoint

  • Purpose: Disabling an API endpoint means preventing it from being accessible for external interactions. It restricts access to the endpoint and effectively shuts it down.

  • Functionality: When an API endpoint is disabled, it cannot perform its intended functions. Any attempts to access it will result in an error or a lack of response.

  • Access: External clients and users are no longer able to send requests to the disabled API endpoint. The system disregards any incoming requests for the disabled endpoint.

  • Use Cases: API endpoints may be disabled temporarily for maintenance, security reasons, or when certain functionality needs to be restricted or deprecated. Disabling an endpoint can also be part of a phased rollout or testing process.

Key access API endpoint

  • Purpose: A key access endpoint is designed to ensure that only authorized users or systems with a valid secret key can interact with it. This security mechanism restricts access to the endpoint, allowing it to be accessed exclusively by entities possessing the requisite key.

  • Functionality: When a key access endpoint is in place, it functions as a barrier, allowing only requests accompanied by a valid secret key to proceed. Any attempts to access the endpoint without the correct key will result in an error.

  • Access: External clients, users, or systems must provide the correct secret key (available in the project settings page) as part of their request to access the key access endpoint. Requests lacking a valid key will be denied, preventing unauthorized access.

  • Use Cases: Key access endpoints are frequently employed to enhance security and control over interactions with an API. They are commonly used in scenarios where sensitive data or critical operations are involved. Some typical use cases include: Backend for Frontend (BFF), microservices, and server-to-server communications.

Last updated