I have an android app that fetches and inserts data to db using rest api hosted on a shared hosting platform. My problem is whenever if someone types the end point of my url in browser they can see all the folders and files. How to restrict access to my android app only. By the way I am not using authentication in my app. How do I restrict my end points to be accessed only from the app
Asked
Active
Viewed 45 times
0
-
Sound like you misconfiged your host, please look at this: https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing – catcon Jul 29 '20 at 22:35
-
1Does this answer your question? [Restrict API requests to only my own mobile app](https://stackoverflow.com/questions/21465559/restrict-api-requests-to-only-my-own-mobile-app) – catcon Jul 29 '20 at 22:39
-
The only way to do it is to add authentication. Typically you would get a bearer token when signing in, and then you attach that token in the headers with every API call. If the rest API gets a request without a token, it can return a 403 error. – Daniel Nugent Jul 29 '20 at 22:58