API can be queried without any authentication details

Hi all,

I’ve noticed, that by default you can query the API without of authentication, e.g.:

curl -X GET

Is any configuration change required to prevent it?


there are ACLs that can be defined per stream as well as defaults overall