Secret Token

In order to protect your endpoints you can enable auth using a Token which is secret and unique per account.

Use it along the Authorization HTTP header as a Bearer token.

Checkout specific examples for cURL and Javascript.


You can enable Mutations, which are disabled by default for security purposes.

It's recommended to enable secret token protection when using mutations

See Mutations docs