Limit API calls. Allow only my mobile application

Question

Limit API calls. Allow only my mobile application

I want my web server to accept outgoing requests only from my mobile application .

Since mobile applications are client applications, this means that users can have a binary file and decompile it or use a tool like Fiddler to interpret API calls and restore them (for example: in a console application).

So what I want is a way to generate a key tied to my application and user device .

The application is deployed on Windows Phone7, iPhone and Android. A cross-platform solution would be ideal, but something that only works on one platform is also more than acceptable.

Thank!

+5

android iphone mobile windows-phone-7

djsolid Jul 24 '11 at 13:55

source share

1 answer

Petesh · Accepted Answer · 2011-07-24T14:50:58+0000

Given that you are deploying the application for the client, the actual answer here is "impossible." You may make it difficult for someone to fake the "official identifier", but since you do not have control over the system that performs the requests, it may be your application or something else pretending to be your application.

Limit API calls. Allow only my mobile application

More articles: