Get a dream host account. Call it, have it call your third party. That way only 1 IP.
From: [email protected] [mailto:[email protected]] On Behalf Of Ronoaldo José de Lana Pereira Sent: Monday, March 19, 2012 1:33 PM To: [email protected] Subject: [google-appengine] Best practices to authenticate requests comming from my AppEngine app We're integrating our AppEngine app with third parties services. They need to restrict access on the resources that we are using. They requested an IP address to open their firewall rules, which is not a good practice, since all appengine apps may share one or more ip addresses to perform URLFetch requests. How should we do this access control securely? Is there any secure way to be sure that the HTTP request is comming from my application and not from an untrusted source? Any tips are welcome. Best Regards, -Ronoaldo -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/nDzt2E5BuHkJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
