Public Backend API Protection

I am hosting a website at let’s say example.com and when it loads it fetches data from api.example.com which is a public API endpoint and the data being displayed on the example.com should be available to all the users without the need of login so my question is how do I protect the api.example.com to allow access from frontend only. I know about CORS stuff but I want to protect the API URL if someone is accessing it via curl, postman, (rate limit is not a solution), or any other client than my frontend. Is there any JavaScript framework that provides anonymous authentication from the frontend to access the backend the way I described above?

A post was merged into an existing topic: Public Backend API Protection