PHP

How to make authorization for the server with API?

Good afternoon! There is one project in which a large database is formed on the basis of which the corresponding catalog for the site is formed. One good friend suggested making a similar application for ANDROID / IOS based on the site's API. The essence of the interaction of the android application with the server is something like this:
1) the application sends a POST request with input parameters to the server.
2) this request is processed by means of PHP and forms the corresponding response in JSON format.
3) the android application processes this request and generates content for the user based on it.
Since the size of the database has already exceeded 15 GB, the question arises of controlling the use of this api only by the designated android application. What is the best way to organize access control (authorization) for the interaction described above?
I would be grateful for links to the manual, or HOW TO.
Server source data UBUNTU/debian APACHE 2.2 Postgresql, php 5.4