I was wondering what steps I can take to secure access to the embedded nocodb iframe?
Because as it is right now, anyone with the link can edit the data (if enabled).
Can I use CORS policies for this?
CORS policy setting is not available for embedded database. Could you please raise a feature request with all the details.
Password protection would also be an option, will create a feature request