0
Hello.
I have an API in my back-end that provides the data for my web application (web ad query application).
The application has no login and password, so few registered users. It is an application where users only make queries.
But I wanted to restrict access directly to the API, where only my application would have this access, that is to restrict access to the API by third parties who might want to use my API for some reason..
What would be the best solution? The API is developed in Java Scpring Security.
Search for authentication via oAuth. It involves using a token in the request to your api. Spring security is fully compatible with this solution.
– StatelessDev
I understand that Uth limits the request with token usage, but if I store this token in my Javascript in the client, anyone will see the token in that client and can use it in another application if they so wish.
– Alessandro Brandão
You have control over the lifetime of the token. Even if someone had access to it, possibly it would already be invalid when it was used.
– StatelessDev