How to make public(no auth) a custom query

I crate a custom query like this

resolve: async (parent, args, context: StrapiContext) => {
    const request = as ProductVariantBySkuInput;

    const product = (await strapi.entityService.findOne(
        populate: {
          variant: true,
    )) as Product;
    if (!product) throw Error("Some product not found");

    const skuVariant = {
      variant: product.variant.find(
        (variant) => variant.sku === request.sku
    return skuVariant.variant ? skuVariant : null;

If I send Bearer token it works

But i dont, give me a Forbidden access, how i make this query public with no auth?