Create an api for public

vishnuvarmana · March 29, 2023, 12:09pm

my scenario is to create an API and share it in public. the public should access the information without any authentication required.

Like,

I shall create a doctype in Frappe
create a short url and share the same in QR code
QR code can be printed and shared in public.
Scan the QR code and redirect to that URL without any authentication and display the page

I am new and I need guidance.

Thanks in advance.

khushal_t · March 29, 2023, 12:25pm

@frappe.whitelist(allow_guest=True)
def your_api():
   """ code goes here """

vishnuvarmana · March 31, 2023, 8:45am

@khushal_t , Thank you. Let me try this and update you.

rmeyer · March 31, 2023, 8:50am

Note that whitelisted methods are a common cause of security issues. You are responsible for making sure that you sanitize malicious input, check permissions, etc. For example, don’t inject user input into a SQL query, etc.

vishnuvarmana · April 10, 2023, 9:35am

Thank you guys. I shall try the same and keep the key points and security in consideration.