RPC call security

0 votes

hi

RPC call function seem always have userid/username as param on request to know the call from which user. This is really not security which easy recognize by hacker and they easy to send fake userid/username.

So, how to security that?

asked Nov 16, 2015 in AppWarpS2 by nguyenanhdung (51 points)

1 Answer

0 votes

HI,

In all AppWarp api call we generate a specific signature based on that API-Key, on the server side same will be decoded to authorize the respective calls.

So all security is managed by the API-key that you have used for initialization.So all api calls are managed by WarpClient.

Let me know if it helps.

Thanks & Regards

Vishnu Garg

answered Nov 17, 2015 by Vishnu Garg (674 points)

From server side, without userid as param from RPC function, how do i know the call from whose client?

commented Nov 18, 2015 by nguyenanhdung (51 points)

In that case you need to pass userId as a parameter.

commented Nov 18, 2015 by Vishnu Garg (674 points)

Team

Partners

Investors

Customers

Media

Backend Cloud APIs

Marketing Automation

API Gateway

AppWarp

Platform-as-a-Service

DevOps

Retail

Banking

Insurance

Gaming