Hello!
I have multiple API Flows, these are called from external programs, sometimes from customers or suppliers.
However, nothing stops these people from calling other API Flows that they shouldn't call, and there seems to be no way of configuring API Flows for specific users.
How can I restrict API flows from being called from unauthorized users? There's no place to configure this either in ION Desk or API Gateway.
The API Key that we've provided can only enforce some standard Infor scopes, but these doesn't correctly get enforced.
EDIT: I can see that there's a possibility to add UserSecurityClaims in custom ION API Suites. But this is not possible towards API Flows.
