Menu
I have an API, that is used by the iphone, android, and blackberry mobile application only, I dont want to let anyone else use the API or see the SOAP API.
How do I do this?
Note: If I restrict the IP and make the web service private, the mobile application will stop working, If I make it public then anyone can see the web service.
274
A private API is an application programming interface that has its application hosted with in-house developers.
An API provides a way for developers to access the functionality of an operating system, program or other service. Public APIs are open to anyone and can be used without restrictions. Private APIs are only accessible by authorized users and may be subject to usage restrictions.
As a starting point you could disable the WSDL publication. This way only clients that already have generated a proxy will be able to discover and use the web service. Of course the service would still be public and anyone who knows how to properly format a SOAP request would be able to call it. A second step would consist in introducing security (private keys, HTTPS, client certificates, etc...) so that only trusted clients could consume the service.
175
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
