sparkle
Reputation: 7398
How allow to request my API only by my mobile app?
I have developed an API restful in JSON to retrieve data from my server by a mobile app (iOS). I want to keep hidden my API avoiding someone via a network sniffing tool (like Wireshark) could find out it. On my server how can I allow only http request from my mobile app? What can I do?
Upvotes: 0
Views: 1350
Answers (1)
Moshe
Reputation: 58097
Use SSL and an API token.
Essentially, your request is going to contain your API token or key as a part of the request payload. You can encrypt the data yourself, using SSL, or both.
On the server, you check that the token matches with what is a valid token.
Upvotes: 5
Related Questions
- Protecting API for use from specific apps only
- How to restrict calls to API rest
- How to make sure API requests come from our mobile (ios/android) app?
- How can I prevent other iOS/Android apps from using my RESTful API?
- How do I restrict access to my REST API to only authorized clients?
- Restrict API requests to only my own mobile app
- make API on the server available only for me
- Securing MY REST API for use with MY IOS APP only
- How to make my API private but usable by mobile application?
- Restrict API calls. Allow only my mobile app