Comment on page
The Data API
The Data API allows other systems to search for, read, create, modify and delete data in your application’s database via a RESTful interface.
The Data API is disabled by default. To enable it, go to Settings - API and check the box 'This app exposes a Data API'. This allows you to select one-by-one which data types are exposed in the Data API.
Access to data is controlled by the privacy rules applied to that particular data type.
If this box is checked, the client will be able to retrieve all the fields on all the things of a given data type. If you uncheck this box you can check which fields are returned one-by-one.
If this box is checked, the client will be able to retrieve a list of things of a given data type, optionally using search constraints.
If this box is checked, the client will be able to retrieve files saved to a given data type.
This setting does not affect clients who access the database via the Data API.
Whenever the Data API is enabled for a database thing, three new options are available in that thing’s privacy rule:
- Create via API
- Modify via API
- Delete via API
These settings only apply to clients that access the database via the Data API. All three are disabled by default on existing privacy rules. They do not affect your application’s regular users or your API Workflows.
The Bubble manual gives extended information about Bubble's features and how to use them.
Authentication is the process of identifying who the client is in order to determine what they have access to. Article series: The Bubble API and authentication Authentication types The Bubble API lets clients authenticate in different ways: Article: Accessing the Bubble API without authentication Article: Accessing the Bubble API authenticated as a User Article: Accessing the Bubble API authenticated as an admin
How to set up authentication in the external system The Bubble uses the bearer token method to authenticate clients.