I’ll try to answer based on my own knowledge of strapi:
-
The
usertable refers to strapi’s users (User (by: users-permissions)), so the Admin, editors, SuperAdmin etc… you cannot delete it because you cannot delete the super admin ofc, otherwise you wouldn’t be able to login into strapi.
The endpoint should be located under USERS-PERMISSIONS > USER > me -
Just hide strapi in a different route, or secure it with a password, IP restrictions etc…
-
The [roles & permission] (https://strapi.io/documentation/developer-docs/latest/plugins/users-permissions.html#manage-role-permissions) plugin should do just this
-
I don’t have a good knowledge of mongoDB, sorry
