Public Backend API Protection

I am hosting a website at, let’s say, example.com, and when it loads, it fetches data from api.example.com, which is a public API endpoint. The data being displayed on example.com should be available to all the users without login, so my question is, how do I protect the API URL to allow access from the frontend only. I know about CORS stuff, but I want to protect the API URL if someone is accessing it via curl, postman (rate limit is not a solution), or any other client than my frontend. Is there any JavaScript framework that provides anonymous authentication from the frontend to access the backend the way I described above? My backend language is .net core(web API template) and for the frontend, I am using Reactjs

I am hosting a website at let’s say example.com and when it loads it fetches data from api.example.com which is a public API endpoint and the data being displayed on the example.com should be available to all the users without the need of login so my question is how do I protect the api.example.com to allow access from frontend only. I know about CORS stuff but I want to protect the API URL if someone is accessing it via curl, postman, (rate limit is not a solution), or any other client than my frontend. Is there any JavaScript framework that provides anonymous authentication from the frontend to access the backend the way I described above?