From 745cb49cbf88a2cb9e6945fe8d89c5cff061ec76 Mon Sep 17 00:00:00 2001
From: Lukasz Ostrowski <lukasz.ostrowski@saleor.io>
Date: Mon, 20 Feb 2023 10:50:33 +0100
Subject: [PATCH] Add note about protected handler (#182)

---
 docs/protected-handlers.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/docs/protected-handlers.md b/docs/protected-handlers.md
index 2bff0ef..21a739d 100644
--- a/docs/protected-handlers.md
+++ b/docs/protected-handlers.md
@@ -1,6 +1,11 @@
 # Protected API handlers
 
-The App SDK provides helpers which ensure, that incoming requests are send from Saleor dashboard. Example of such situation could be a change of the application configuration iframe.
+The App SDK provides helpers which ensure, that incoming requests are sent from Saleor dashboard.
+Example of such situation could be a change of the application configuration iframe.
+
+> **Warning**
+> This handler only works for requests originated from frontend calls. It checks JWT token from the client, which is available
+> in AppBridge. Do not call this endpoint from backend context (calling it from API function will fail)
 
 ## How to protect the endpoint