Sign in
Log inSign up

How to build APIs that can be consumed only by my Android app?

Ivan Bernatović's photo
Ivan Bernatović
·May 27, 2016

I'm building SPA and I'm using JWT as authorization mechanism. Everything works nice but what if I want to build mobile app and I want to make it exclusive for that app? To be more precise, I want to build Android app and I want to limit my API so it can only be used by my Android application.

In "classic" web pages I have CSRF tokens that are generated on backend and they are appended to POST request. How can I handle that on Android apps, what is the best practice?

Hassle-free blogging platform that developers and teams love.
  • Docs by Hashnode
    New
  • Blogs
  • AI Markdown Editor
  • GraphQL APIs
  • Open source Starter-kit

© Hashnode 2024 — LinearBytes Inc.

Privacy PolicyTermsCode of Conduct