If the API is served over HTTPS your traffic is already much safe. If not, check Let's Encrypt and do it right away. Your API also should have a auth protection if it handles sensitive data, like a JWT approach. Also, check HelmetJS for some security good practices.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
What do you understand about "encryption"?
If the API is served over HTTPS your traffic is already much safe. If not, check Let's Encrypt and do it right away. Your API also should have a auth protection if it handles sensitive data, like a JWT approach. Also, check HelmetJS for some security good practices.