How to allow api access to android or ios app only(laravel)?

- 1 answer


I am implementing an api in laravel.

what I want is my api should not be accessible from anywhere except from android/ios app.I googled and came to know that I can make use of API KEY.

But I am not sure is it correct way or not.

Currently using OAuth2 for user authentication.

Please help.




What you want to do is to create a token for each user, save it in the client's device , verify it in each request that the client makes.

So basically you want to:

  • Make a column for the token in the users table
  • generate the token when the user registers
  • make a login route so that the user would login with his email,password and he will getback the token to store in the device
  • make a middleware that would check for the token in each request ( except for the login )

I wrote an article of the exact same thing you want