Couple of options here:
1) API is only accessible on private network
2) basic auth at the least, ideally token-based auth (e.g., OAuthv2) to access API
3) user-level credentials to access API
4) 2-way SSL with backend
Those are the big ones. You can surely use combinations of the above for increased security.
Good question
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |