You can use policies for this.
With a policy you can check if the user is the one that is making the request
Since it’s not specified what version you are on
V4 https://docs.strapi.io/developer-docs/latest/guides/is-owner.html
V3 Is Owner - Strapi Developer Documentation