This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

If someone knows the url for my API (which is accessible over the internet), can't he just bypass the security features that I've set up on EDGE? How would I tackle this scenario?

Posted on 01-28-2016 12:45 PM
Not applicable
Reply posted on --/--/---- --:-- AM
 
0 3 130
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
akoo
New Member
Reply posted on --/--/---- --:-- AM

Couple of options here:

1) API is only accessible on private network

2) basic auth at the least, ideally token-based auth (e.g., OAuthv2) to access API

3) user-level credentials to access API

4) 2-way SSL with backend

Those are the big ones. You can surely use combinations of the above for increased security.

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Good question

0 Likes

Posted on --/--/---- --:-- AM
anilsr
Staff
Reply posted on --/--/---- --:-- AM

@Samarth , Please see similar question asked here.

0 Likes