Authentication
Understand how security and access work for your APIs generated by Sheetful.
Platform Access
Access to the Sheetful dashboard is protected via Google OAuth. This ensures that only you can create, manage, and view your projects.
API Access Control
Sheetful allows you to control who can access your API endpoints. You can configure the authentication type in the Authentication card of each sheet dashboard.
1. None (Public)
By default, endpoints can be set to public. This means anyone with the API URL can access your data. This is useful for public-facing websites or simple prototypes where security is handled elsewhere.
2. Bearer Token
For better security, you can enable Bearer Token authentication. When active, all requests must include the token in the Authorization header.
You can generate a new secure token with a single click in the dashboard. Once saved, any request without a valid token will receive a 401 Unauthorized response.
CORS (Cross-Origin Resource Sharing)
Sheetful APIs are configured to accept requests from any origin (Access-Control-Allow-Origin: *), facilitating direct use in frontend applications (React, Vue, etc).