Bubble Docs

Using the API

You use the API by making some requests to the Bubble API. These requests can be done by you, or some external services and developers.


When exposing your app's API, make sure you think about security! This includes being conservative about sharing your app's API key(s) and setting up Privacy Rules for any data being exposed in the app's Data API.
Note that if you do not set up Privacy Rules, a savvy outsider can find tricks to explore any data types and fields that are not protected by Privacy Rules. In other words, "security through obscurity" is not a good approach!
Please refer to the API Reference for comprehensive instructions and details about authentication, sending data, and API responses.
To issue API keys, you can do this in the Settings tab, API section. Note that when a request is made with an API key, the user will be considered as an admin user, and will have all rights on the data. On the other hand, if you're using a token returned by a sign up workflow, privacy rules will apply to the current user.

Workflow API calls

Triggering a workflow is done via a POST request. See this section of the reference for more details about this.

Data API calls

Creating, modifying, fetching and searching data through the Data API follows a particular syntax, and responses follow a pagination system. See this section of the reference for more details.