Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m working on an iOS app which will need a server backend for users to grab data from, but the data isn’t stuff that I’d like any packet-sniffer to be able to use. I’ll be paying to access the data, so I’d like to ensure that if something is connecting to my API to request data, it is in fact MY app, and not some dude who wants free information. Is there a standard way to do this kind of thing?
Best way would be registered users, with the user entering his credentials into the app.
This way, you could also measure how much data each user accesses, if you are worried that some users might scrape and share.
Without registered users, you could have a secret token built into the app. Could be reverse-engineered and hacked, though.
As for the packet-sniffers, use SSL for the connections to your server.