Security questions for iOS app interaction with API

Question

I am going to develop an iOS app for my web application so I will be working on an API Service that the iOS app will consume.

My question is : How can I make sure to protect the access to my API ?

My main concern is just that I don't want someone else to use my API in order to duplicate the content to another app or website.

Thanks in advance,

What are you using to write your API? – Alejandro Mar 20 '13 at 18:54 — Alejandro, Mar 20 '13 at 18:54

score 1 · Accepted Answer · edited May 23 '17 at 12:11

1

Unfortunately this is very difficult to do. In short, you can't do this with 100% assurance because once your code is in the client's hands you have no control over it. Check out this StackOverflow question: Security When Using REST API in an iPhone Application

You may also find some value in this StackOverflow question as well: https://stackoverflow.com/questions/15390354/api-key-alternative/15390892#15390892

edited May 23 '17 at 12:11

Community

1
1

answered Mar 20 '13 at 20:11

Freedom_Ben

11,247
10
69
89

Agreed. There is no way to be certain that only your application can speak to your server. You can put up some small barriers, but it is not possible to authenticate an application. Some other discussion on this: http://stackoverflow.com/questions/9181186/secure-https-encryption-for-iphone-app-to-webpage – Rob Napier Mar 20 '13 at 21:18

Security questions for iOS app interaction with API

1 Answers1