I have a project that uses Contentful and I have two different environments. I do not server front-end directly by Contentful. I have a BFF (Back-end for front-end) which is an app that talks to Contentful and serve JSON data to the front-end. On our BFF I use Contentful’s Api keys for two different environments that I have defined on Contentful.
There are some media assets like PDFs that I keep on Contentful and I would like to secure them because when a Content item is served to the front-end through BFF from Contentful, Front-end can see the file URL and everyone with that file URL can access the file no matter if they are logged in or not.
Is there any way that I can secure the files?
Do assets’ URLs have a final limited time? If yes How long is that lifetime? And is that possible to change the URL’s lifetime?