The Usergrid docs for securing your applications are here:
http://usergrid.apache.org/docs/security-and-auth/app-security.html
I would recommend that you create a Usergrid User entity for each of your
applications users, then provide a login page in your application that
posts to /{orgname}/{appname}/token to log the user in and obtain an access
token. Store that access token in a cookie or local storage so that the
user can remain logged in until they choose to log out. Also, use Usergrid
Roles & Permissions to manage what paths your users are allowed to GET,
PUT, POST, etc. to.
Here's an HTML5 app that uses the above approach to log users in:
https://github.com/snoopdave/usergrid-mobile/tree/v1
Hope that helps,
Dave
On Mon, Jun 20, 2016 at 6:30 AM Thành Vũ Trung <[email protected]>
wrote:
> Hi all,
> I'm making a social app and use usergrid as a back-end api. What is best
> solution to secure my html5 app? How to prevent somebody can get data via
> usergrid API?
> Thanks.
>
>
> --
> *Thanh.*
>
>
