The Data API

This section covers the Data API, which lets you set up your application to accept incoming requests to read, create, edit and delete records in your database.

The Data API is Bubble’s automated way of providing external systems access to your app’s database. It allows one-click creation of a interface to some or all of your application's data. You can let a client read, modify, and delete individual data items, search for data using a flexible query language, and create and bulk upload new things

You can grant to the database and allow another system to be able to freely make changes (even in bulk) or you can exert l over what data types they can access and what kind of actions they can take. Since the Data API in theory can give any external system complete control over your database, it’s important to learn how to set it up in a secure way.

Remember that Bubble offers strong security, but we don’t enforce it – because we want to allow flexibility you are free to set up your Data API to be as open or closed as you prefer. This is why it’s important to learn how different decisions affect security so you can make informed decisions that suit your project.

Activating the Data API

You’ll find the Data API by navigating to Settings - API. To make sure that no one can access your database unless you want them to, the Data API is disabled by default. To enable it, check the Enable Data API checkbox.

As soon as you have the Data API enabled, you’ll see a list of all your data types along with a second checkbox: this is where you select which data types to expose in the API

Only activate the Data Types that you want to expose in the Data API.

Keep in mind the following:

Unchecked data types are not available in the Data API regardless of how the user authenticates
Checked data types are exposed, but adhere to the privacy rules in combination with the client’s authentication

Data API Privacy Rules Data API endpoints Data API requests

Data API security checklist

This section covers Data API security in a short checklist, allowing you to plan and set up secure connections with external clients.

Article: Data API security

Core reference entries about the Data API

Our core reference section contains short-form technical instructions that you may find useful when you're working with the Data API: Reference: The Data API Reference: List of Data API requests Reference: Constructing the Data API endpoints

Last updated 5 months ago

Activating the Data API

As soon as you have the Data API enabled, you’ll see a list of all your data types along with a second checkbox: this is where you select which data types to expose in the API

Only activate the Data Types that you want to expose in the Data API.

Keep in mind the following:

Unchecked data types are not available in the Data API regardless of how the user authenticates

Checked data types are exposed, but adhere to the privacy rules in combination with the client’s authentication

Data API Privacy Rules

Data API endpoints

Data API requests

Data API security checklist

This section covers Data API security in a short checklist, allowing you to plan and set up secure connections with external clients.

Article: Data API security

Core reference entries about the Data API