How to make an API on php secure
Hi,
I'm creating an API from php which is called from some apps (Android and iPhone). This API has some calls for getting values on a database on the central server, so that data can be cached on the app. Also, this API has some calls for adding records on this database.
I am worried about security. I would like to avoid someone to add some gargabe records, and also avoiding someone to use the API to get a copy of our full database.
How can this be accomplished?
I'm creating an API from php which is called from some apps (Android and iPhone). This API has some calls for getting values on a database on the central server, so that data can be cached on the app. Also, this API has some calls for adding records on this database.
I am worried about security. I would like to avoid someone to add some gargabe records, and also avoiding someone to use the API to get a copy of our full database.
How can this be accomplished?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Agree about HTTPS.
This article has some more background information on APIs as well as a simple example of one that uses an API key.
https://www.experts-exchange.com/Programming/Languages/Scripting/PHP/A_12239-Introduction-to-Application-Programming-Interfaces.html
This article has some more background information on APIs as well as a simple example of one that uses an API key.
https://www.experts-exchange.com/Programming/Languages/Scripting/PHP/A_12239-Introduction-to-Application-Programming-Interfaces.html
ASKER