I'm developing a website and mobile application that communicate with each other.
It's very basic at the moment: the app makes a get request to a URL and the server returns JSON data.
I want to secure this and make sure no-one can send a get request to the URL and get this data (only the website and the app). Is it ok to make a 60+ character password that the app can send with the request that the server accepts before data is sent, or is this breakable?
I dont want to use OAuth because it's overkill as only the app and the site are going to communicate. Please provide me with a few solutions, thanks!
您可以使用HTTPS传输数据。但是,您需要使用SSL证书。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.