The Usergrid docs for securing your applications are here: http://usergrid.apache.org/docs/security-and-auth/app-security.html
I would recommend that you create a Usergrid User entity for each of your applications users, then provide a login page in your application that posts to /{orgname}/{appname}/token to log the user in and obtain an access token. Store that access token in a cookie or local storage so that the user can remain logged in until they choose to log out. Also, use Usergrid Roles & Permissions to manage what paths your users are allowed to GET, PUT, POST, etc. to. Here's an HTML5 app that uses the above approach to log users in: https://github.com/snoopdave/usergrid-mobile/tree/v1 Hope that helps, Dave On Mon, Jun 20, 2016 at 6:30 AM Thành Vũ Trung <v2tmobile...@gmail.com> wrote: > Hi all, > I'm making a social app and use usergrid as a back-end api. What is best > solution to secure my html5 app? How to prevent somebody can get data via > usergrid API? > Thanks. > > > -- > *Thanh.* > >