Suppose I have a url like
http://mysite.com/get-users
which returns a JSON object of all users. But, I don't want anyone (or any bots) to be able to go to this url to fetch this information. I want it to only respond to calls from other local modules in the same website.
How would I go about implementing someting like this?