Level 80
@hmdagher Use Passport, and then require authentication on your API endpoints. The only successful calls to your API will then be requests with a valid OAuth token.
May 11, 2021
1
Level 1
API Keys (prevent other iOS/Android apps from using my API?)
Hello all,
I'm already using sanctum to authenticate and authorize on the user level for all Apis except (login/register).
but based on this guide: https://cloud.google.com/endpoints/docs/openapi/when-why-api-key
I should create API keys to identify the calling project — the application or site — making the call to an API
Is there any way to ensure, or nearly ensure, that calls to my services are coming only from my app (ios/android).
I found a package on GitHub: https://github.com/ejarnutowski/laravel-api-key but it's outdated
any help?
Please or to participate in this conversation.