BridgeStackAPIRestricting routes
Reduce exposure by locking routes and methods.
Route rules
Define allowed paths and methods per client or partner.
Access rules
Bind methods and route sets. If you do not create rules, everything is allowed.
Access rules
Bind methods and route sets. If you do not create rules, everything is allowed.
+ Add rule
Rule 1Remove
Methods
GETPOSTPUTPATCHDELETE
Routes (comma separated)
/auth, /sessions
Rule 2Remove
Methods
GETPOSTPUTPATCHDELETE
Routes (comma separated)
/users, /users/{id}
Validation
Rejected calls are logged with clear denial reasons.