Yes seems like that should do. You can try visiting your function by directly calling the URL, or by sending an invalid auth token on purpose to see if it’s properly showing the error. As long as it’s doing that, I think you’re fine.
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| [Support Guide]: How to apply Access Control for Netlify Functions? | 26 | 6552 | February 24, 2026 | |
| Restricting Netlify Functions to App only | 4 | 2444 | July 14, 2021 | |
| Using Identity to authenticate api calls on your own API | 4 | 1305 | July 12, 2019 | |
| How to prevent a function from being successfully called from the browser | 6 | 1276 | March 25, 2021 | |
| Should I switch to Netlify for hosting my express node app? MySQL DB, Express Rest API, NextJS front (deployed with Netlify) - Netlify Identity auth | 1 | 681 | August 6, 2022 |