Public access to API should be reserved to public content
What is the problem you are facing?
I'm trying to make public content public, and private content private.
Turns out, if I understood correctly, it's not possible currently:
- either you open your API, and your whole libraries are browsable (though not playable, but a lot of metadata is available)
- or you keep your API closed, and then public content never appears to non-authenticated users (though some may have channels or public libraries).
I was assuming initially that setting anything public would make it visible / available to authenticated / non-authenticated users alike. I understand now that the design is different, but it would be great to have this in-between option. That could be shown on the About page as well, since it's instance-wise.
It adds more flexibility instance-wise, with an API setting that would differentiate between:
- Make all metadata public and public content available to anonymous access
- Only make public-content metadata & data available to anonymous access
- Require authenticated user to query API (access then depending on profile of libraries / user-accepted shares).
What are the possible drawbacks or issues with the requested changes?
I don't know.