Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Max Khrichtchatyi2014-07-06 13:41:36
API
Max Khrichtchatyi, 2014-07-06 13:41:36

How to implement controlled API access from a JS & HTML application?

To begin with, there is an API with authorization checks, tokens and other parsley.
There is also a desktop and mobile application written on cross-platform frameworks like PhoneGap, these applications interact with our API (https). The problem is that such applications are very easy to tear apart and look at the logic of working with the API. How to make sure that only our applications can work with our API?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey, 2014-07-06
@j0shu4b0y

No way. You can try to enter something like RSA with keys for the application, and exchange some kind of signature in the headers, etc. As for "tearing" - any sniffer will show you how to communicate with a third-party apishka.

Similar questions
T
TANK_IST2018-04-26 07:14:26
How to synchronize information from admitad with the cashback site? 1Reply
A
astrotrain2015-12-17 13:27:28
How to check payment on bitcoin-wallet? 6Reply
A
Artem Melnykov2020-05-29 08:13:08
How to get mp3 link from m3u8? 1Reply
V
Vadim2018-04-28 11:51:33
Are there any services with an API for video processing? 2Reply
I
Ivan Ivanov2020-05-31 12:30:04
How to add an API search? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question