Vaalyn
commented
5 years ago There is currently no officially supported way to restrict access to public endpoints. You could put AzuraCast behind a reverse proxy and block access to the endpoints there or override the nginx config of AzuraCast to do this. I can't provide a configuration example for this though.
Furthermore I've created a feature request for adding a management interface for API endpoint visibility settings: https://features.azuracast.com/suggestions/39973/manage-api-endpoint-access-from-web-interface
It's clear, how can I have a workaround for hiding nowplaying API when header is not present?