I deployed a Django app on Heroku that exposes an API which I call from an Android app. I wonder now how secure the Heroku Piggyback SSL encryption is. I transmit data that has to be secure in the URL itself.
A request might look like this one:
https://myapp.herokuapp.com/api/v1/friends?authToken=xyz
Obviously no one should be able to sniff the URL and get the authToken from it. Is that true for the Heroku Piggyback SSL? If yes, is there an advantage of using the SSL Endpoint add-on with my own SSL certificate?
Thanks
Simon
It’s as secure as Heroku’s infrastructure, anyway–obviously you’re trusting both their internal configuration and Amazon’s cloud not to leak your visitors’ information.
That aside: Any SSL configuration should protect the privacy of your URLs in transit. You’re probably fine.
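What a network observer can read for the URL in the question, as an added example that is not part of the original thread: the client builds a real TLS ClientHello in memory (no network needed) and checks which URL components appear in those cleartext bytes. The function names are hypothetical; it assumes Python's standard `ssl` module, which sends the hostname unencrypted in the SNI extension.

```python
import ssl
from urllib.parse import urlsplit

# URL taken from the question above.
URL = "https://myapp.herokuapp.com/api/v1/friends?authToken=xyz"


def client_hello_bytes(hostname):
    """Return the first bytes a TLS client would put on the wire."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        # Expected: the ClientHello has been written to `outgoing` and the
        # client is now waiting for a ServerHello that never arrives.
        pass
    return outgoing.read()


def cleartext_exposure(url):
    """Report which parts of `url` show up in the unencrypted ClientHello."""
    parts = urlsplit(url)
    hello = client_hello_bytes(parts.hostname)
    return {
        # The hostname travels in the SNI extension, before any encryption.
        "hostname": parts.hostname.encode() in hello,
        # Path and query belong to the HTTP request line, which is only
        # sent as encrypted application data after the handshake completes.
        "path": parts.path.encode() in hello,
        "query": parts.query.encode() in hello,
    }


if __name__ == "__main__":
    for component, visible in cleartext_exposure(URL).items():
        state = "cleartext" if visible else "not in ClientHello"
        print(f"{component:8} {state}")
```

This only covers the network path: the full URL, token included, is still seen in plaintext by whatever terminates TLS on the server side.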