stackoom
  简体   繁体   中英

Limit REST API access by clients

 原文  2017-05-11 07:05:25       rest/ api/ security/ mobile

Question

We develop a mobile application, so we have a REST API(server-client).

Is there a way to limit that only our mobile application can send requests to server through API? So, best will be that server will not accept requests from other clients, maybe it is possible to do that with certificates?

2 answers

solution1
 0  2017-05-28 02:56:08

You can check in your web services user agent. If use agents is mobile device and you can generate token for each device and you can identify the requested client..

solution2
 0  2017-05-28 03:57:43

If you use SSL you can work with client certificates.

Another option is to use a Client ID and a Client Secret. Use the client secret to sign your client ID within the request.

Use OAuth with the Client Credential grant. This is more or less similar to the above one but more formalised and you can use standard libraries.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Authenticating lots of clients for a REST API How to throttle clients in a REST API How do I restrict access to my REST API to only authorized clients? Offer some REST API resources for specified clients Securing REST API that will be accessed by diffrent clients REST-like API: How to identify clients? Bundle similar REST API requests of different clients Make REST API respond only to known clients Authenticating REST API clients for just my App secure a REST API for use by Android clients
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM