# Authorization - Public APIs While Spark service APIs are private by default (meaning they are only accessible by authorized users) it's possible to make them public . A Public API is available to use by anyone without any restrictions. To enable a Spark service to be public, it requires: 1. The tenant to be configured to enable public services. 2. The service is configured to enabled to be public. ## Enable 'Public' API visibility settings Spark services can only be public if the `tenant-admin` permits it. Tenant admins can adjust this setting from the [Options](/navigation/options.md#tenant-configuration) page under [General configurations](/tenant-administration/manage-tenant-settings.md#set-general-configurations). From here, `tenant-admin`s can also decide the default visibility of Spark APIs. If the default is set to *Public*, all services created afterwards will be executable by non-authorized users. ## Assign a Public API key When a public Spark service is executed, the API call does not require any authorization. However, the `tenant-admin` must assign an [API key](/spark-apis/authorization-api-keys.md), which will be used to correspond to all public API requests, in the [General configurations](/tenant-administration/manage-tenant-settings.md#set-general-configurations) tab of the Tenant configuration page. * Ensure that the API key has access to the services that will be made public. * It is suggested to review the user groups assigned for this API key to understand which Spark services are accessible. ## Publicly available APIs By default the APIs that are publicly accessible are the same as those defined in [Authorization - API keys](/spark-apis/authorization-api-keys.md#api-key-terminology). Note that access to a Spark service is not by default granted unless [#enable-or-disable-public-api-on-a-service](#enable-or-disable-public-api-on-a-service "mention") is also completed. ### Enable public APIs for Spark Shell functionality This needs to be enabled to allow the full functionality for Spark Shell. When enabled, endpoints will allow fetching detailed information about the Spark service and posting records to the execution history posted without authentication. ### Enable public APIs for access to WebAssembly Modules When enabled, any Spark services set to public will also make their compiled code (WebAssembly Modules) available via the [WebAssembly module API](/spark-apis/webassembly-module-api.md) without authentication. This is useful for use cases where the Wasm is needed to be easily accessible to serve a website. ## Enable or disable Public API on a service If the tenant admin has enabled the *Public* API visibility settings, individual users are able to manage this setting on a service basis from the Service details tab of the Service documentation section. Setting this field as *True* will allow non-authorized users to access the above APIs. Please note that updating this field will trigger the creation of a new version of the service. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.coherent.global/spark-apis/authorization-public-apis.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.