C
C#12mo ago
Saryn

API Authentication via Generated URLs only

First of all, I know this is terrible practice. I am prefacing this by saying its to work around the client. The client is only capable of loading strings from generated URLs. I am unable to change the client outside of how URLs are generated. I am attempting to have some way of encrypting or obfuscating a URL such that a client will be able to communicate with my API, but cannot be easily generated by a bad actor. My application is a gamescoring/gamekeeping API and I would not like users to be able to just be able to create URLs themselves that declares them as a winner. I am okay with a user seeing the URL after the game has been reported as I can just fail the request after first completion. Ideally I would just do Symmetrical/Asym string encryption, but the client's SDK has hidden those tools. I was wondering if anyone knew of a relatively easy way to go about this or am I stuck just writing an existing encryption algorithm myself.
0 Replies
No replies yetBe the first to reply to this messageJoin
Want results from more Discord servers?
Add your server