Welcome Guest, Not a member yet? Register   Sign In
Secure my API connection with other websites
#3

(05-02-2017, 06:10 AM)xenomorph1030 Wrote: How would you validate that the API request is coming from a particular domain? Request headers can be modified as can query parameters. It seems like additional complexity that isn't necessary, though that is without knowing why you want to do so.

I'm going to give them a piece of code.
The code will send POST request to my API along with X-API-KEY. so i can put additional info in to it as parameters such as Domain Name or IP whatever.

Why i wanna do this? coz i wanna give the access only to one of their website not they get one key and use it unlimited for any website they have.

So if i send the cURL which has X-API-KEY and domain name as parameters, how can i check it in the restful library, i mean where is the function that checks the X-API-KEY ? so i can extend

Thanks
Reply


Messages In This Thread
RE: Secure my API connection with other websites - by ardavan - 05-02-2017, 07:28 PM



Theme © iAndrew 2016 - Forum software by © MyBB