- Posts: 3
- Thank you received: 0
×
Requests and support related to jBackend.
Using API Keys
8 years 11 months ago #3965
by admin
Replied by admin on topic Using API Keys
Unexpected question... really 
Usually these requests come from another system or a client (e.g. a mobile app), so the SEO is something not relevant in these cases. Why Google should index your API urls?
And, moreover, the API key should be "reserved", so I always suggest to pass as POST param.
Let me know if you have more questions.
Usually these requests come from another system or a client (e.g. a mobile app), so the SEO is something not relevant in these cases. Why Google should index your API urls?
And, moreover, the API key should be "reserved", so I always suggest to pass as POST param.
Let me know if you have more questions.
Please Log in or Create an account to join the conversation.
8 years 11 months ago #3967
by mazataza
Replied by mazataza on topic Using API Keys
I just asked it because i saw in your documentation the two way of sending request using none SEO URL or SEO URL
another question may out of this topic
I would like to have a mobile app (android, iOS and win) which should connect to this REST backend. but i want to allow only these apps to connect to this services. didn't want any one else to send request (to avoid DoS attack)
did you have an idea how to do it?
another question may out of this topic
I would like to have a mobile app (android, iOS and win) which should connect to this REST backend. but i want to allow only these apps to connect to this services. didn't want any one else to send request (to avoid DoS attack)
did you have an idea how to do it?
Please Log in or Create an account to join the conversation.
8 years 11 months ago - 8 years 11 months ago #3969
by admin
Replied by admin on topic Using API Keys
Yeah,
but it is only because you can use both, it depends on how your Joomla site is configured... for SEO reasons
About your question, there are two ways. The first one is to use the API key, but consider the API key is included in your app source code, and the app code could be reversed (so there is a possibility to get the API key from the app).
The second option is to use an user authentication endpoint. This means the app should first login as Joomla user, but you should use different (real) users, not a single user with credentials stored in the app code (same problem as previous solution), and this scenario is not always possible.
Kind regards,
Luigi
but it is only because you can use both, it depends on how your Joomla site is configured... for SEO reasons
About your question, there are two ways. The first one is to use the API key, but consider the API key is included in your app source code, and the app code could be reversed (so there is a possibility to get the API key from the app).
The second option is to use an user authentication endpoint. This means the app should first login as Joomla user, but you should use different (real) users, not a single user with credentials stored in the app code (same problem as previous solution), and this scenario is not always possible.
Kind regards,
Luigi
Please Log in or Create an account to join the conversation.
Time to create page: 0.146 seconds