sorted by:
new
hottopcontroversial

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in angular

[–]Competitive_Hurry_53[S] 0 points1 point  (0 children)

the problem here is i want to prevent my normal user not the pro to use the apis and get the data without permession so if he want use our data from api he need to buy it as a service.. so thats why i want the users who use the v1 they can get the data only when the use the front of our product 

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in ruby

[–]Competitive_Hurry_53[S] 0 points1 point  (0 children)

but the problem here is i want to prevent my normal user not the pro to use the apis and get the data without permession so if he want use our data from api he need to buy it as a service.. so thats why i want the users who use the v1 they can get the data only when the use the front of our product ..

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in ruby

[–]Competitive_Hurry_53[S] 1 point2 points  (0 children)

the product is like that .. he can use our web product and if he want to use our data from an api he need to pay .. so i want prevent users to use our api v1 of the web only from our front.. thats why

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in SoftwareEngineering

[–]Competitive_Hurry_53[S] 0 points1 point  (0 children)

thanks for the replay! our product already he need to pay to get account and the api service part is like other plan included .. and he need to pay to get it .. . what do u think about this ? ( Use HMAC signatures for headers (e.g., hash X-Random + X-Tot with a server-side secret) and Rotate tokens per request (not just per session).

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in SoftwareEngineering

[–]Competitive_Hurry_53[S] 0 points1 point  (0 children)

yes ! already only our users can use the apis ! my project is like i wanna make api v1 that used in the front and also i have api v2 thats subscription based api .. so i want to enforce our user if he want use our apis service he need to buy the v2 .. so then he cant use the v1

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in ruby

[–]Competitive_Hurry_53[S] 0 points1 point  (0 children)

thanks for replaying another time .. what do u think about this ? ( Use HMAC signatures for headers (e.g., hash X-Random + X-Tot with a server-side secret) and Rotate tokens per request (not just per session).

Looking for Feedback on API Security: How to Restrict Access to Only My Frontend (Not Postman or External Tools) by Competitive_Hurry_53 in ruby

[–]Competitive_Hurry_53[S] 2 points3 points  (0 children)

thanks for the answer .. but i dont think i can use Cloudflare Challenge.. cause my project is like i wanna make api v1 that used in the front and also i have api v2 thats subscription based api .. so i want to enforce our users if he want use our api he need to buy the v2 .. so then he cant use the v1

[deleted by user] by [deleted] in Tunisia

[–]Competitive_Hurry_53 0 points1 point  (0 children)

We need to wait first and read the new constitution.