Using the data api is it secure enough to put the end points on the front end? for writing to database?