Sometimes you want a val to be public (e.g., to give others the chance to inspect and fork it) but not to be callable by everybody (e.g., because you are accessing some resources which are rate limited or expensive)
The simplest approach to meet both requirements is to require an authorization of type "Bearer" with a (random) token that is stored in a Val.Town environment variable. Such variables are specific to the owner of a val and - since the val is running on the server - cannot be inspected be the caller.
As a consequence, only clients knowing the correct token can run the val, but everybody can inspect and fork it in order to use the val with his/her own environment setting.
To experiment with this val, please fork it and define an environment variable called "UserSpecificResource" with whatever you want to use as an access token (e.g., a UUID or a random number)
Some tests can be found in val UserSpecificResource_Test