Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Restrict public webapi only to my app and website RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    I am developing a .NET WebApi that will be accessed by IOS app and from a website with angular.
    Some parts of the api data is public. That means we will not ask for user to login to view this data.

    But we don't want others to use this api to access these data. These data has some commercial value and we are only publishing it free for our website and APP users.

    We thought about an API KEY. But anyone might be able to access this key from client JavaScript or if they de-compile the app. 

    What might be a good solution to allow public users to access this data through only our site/app, but restrict other users from accessing it. 
    • Moved by Kristin Xie Friday, September 12, 2014 4:55 AM
    Thursday, September 11, 2014 6:47 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Please post ASP.NET related questions in the ASP.NET forums: http://forums.asp.net

    • Proposed as answer by Just Karl Monday, September 22, 2014 8:57 PM
    • Marked as answer by Just Karl Tuesday, December 23, 2014 9:58 PM
    Thursday, September 11, 2014 6:50 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Check the URL. If the domain is yours - allow, else - deny.

     

    Noam B.

    Do not Forget to Vote as Answer/Helpful, please. It encourages us to help you...

    • Proposed as answer by Noam B Tuesday, September 16, 2014 12:17 PM
    • Marked as answer by Just Karl Tuesday, December 23, 2014 9:58 PM
    Thursday, September 11, 2014 2:29 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Please post ASP.NET related questions in the ASP.NET forums: http://forums.asp.net

    • Proposed as answer by Just Karl Monday, September 22, 2014 8:57 PM
    • Marked as answer by Just Karl Tuesday, December 23, 2014 9:58 PM
    Thursday, September 11, 2014 6:50 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Check the URL. If the domain is yours - allow, else - deny.

     

    Noam B.

    Do not Forget to Vote as Answer/Helpful, please. It encourages us to help you...

    • Proposed as answer by Noam B Tuesday, September 16, 2014 12:17 PM
    • Marked as answer by Just Karl Tuesday, December 23, 2014 9:58 PM
    Thursday, September 11, 2014 2:29 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    And when API will be accessed from IOSApps?

    Friday, September 12, 2014 12:49 AM