So I've got an AWS File API on Heroku that an Angular app on Netlify needs to have access to. I'm very grateful to Heroku because they put it to sleep but before then, several buckets were generated that were not from users. How do I protect this API? Sending a basic key over an url seems like a bad idea and since I know the requests should only come from one place, locking it to a single IP address also seems like a good idea. Any thoughts on this?
Submitted October 16, 2019 at 05:04AM by sinithw
No comments:
Post a Comment