How can I prevent another people access to my graphql end-point

System Information
  • Strapi Version: 3.6.8
  • Operating System: Windows
  • Database: Postgresql
  • Node Version: 14.15.5
  • NPM Version: 6.14.11
  • Yarn Version: 1.22.5

I get into trouble with my idea. I want to make the public post query graphql to my front end, but I don’t want to share with another party. If another party knows my endpoint address, they can easily access my public query graphql, so I want to have a validation key to validate with strapi to access my endpoint graphql. I used cors in middleware for this situation, but I just think about that How can I access the graphql endpoint when I develop the software for the smartphone. Can you help me? Thank you very much!!!