Yeah, Thank you very much for your support. I will research more :) Thanks.
On Mon, Jun 20, 2016 at 10:33 PM, Dave <[email protected]> wrote: > Sounds like you need some sort of proxy or "API Gateway" between your app > and Usergrid. We use a similar architecture for some Usergrid applications > where I work (Apigee). > > Dave > > > On Mon, Jun 20, 2016 at 10:17 AM Thành Vũ Trung <[email protected]> > wrote: > >> Hi Dave, >> Thank you very much for your advise. That is a best solution with a admin >> application but with a web application that guess user can get data from >> some entities. I want to prevent somebody request my API from other >> domain or mobile application... My english is not good, hope you can >> understand and help me clear. >> Thanks again for you support. >> >> On Mon, Jun 20, 2016 at 8:48 PM, Dave <[email protected]> wrote: >> >>> The Usergrid docs for securing your applications are here: >>> http://usergrid.apache.org/docs/security-and-auth/app-security.html >>> >>> I would recommend that you create a Usergrid User entity for each of >>> your applications users, then provide a login page in your application that >>> posts to /{orgname}/{appname}/token to log the user in and obtain an access >>> token. Store that access token in a cookie or local storage so that the >>> user can remain logged in until they choose to log out. Also, use Usergrid >>> Roles & Permissions to manage what paths your users are allowed to GET, >>> PUT, POST, etc. to. >>> >>> Here's an HTML5 app that uses the above approach to log users in: >>> https://github.com/snoopdave/usergrid-mobile/tree/v1 >>> >>> Hope that helps, >>> Dave >>> >>> >>> >>> >>> On Mon, Jun 20, 2016 at 6:30 AM Thành Vũ Trung <[email protected]> >>> wrote: >>> >>>> Hi all, >>>> I'm making a social app and use usergrid as a back-end api. What is >>>> best solution to secure my html5 app? How to prevent somebody can get data >>>> via usergrid API? >>>> Thanks. >>>> >>>> >>>> -- >>>> *Thanh.* >>>> >>>> >> >> >> -- >> *Thanh Vu* >> >> *Information Technology Engineer* >> *Mobile:* +84903298791 >> *Skype:* v2t_nd |* Email:* [email protected] >> >> -- *Thanh Vu* *Information Technology Engineer* *Mobile:* +84903298791 *Skype:* v2t_nd |* Email:* [email protected]
