API Security
Options
JayyyTeee
Member ✭
Would it be possible to instead of creating a precondition for each API that the call needs to be made from a certain domain, add our personal domains into Xano somewhere and check a box so that ALL calls need to be from our domain?
I know this might not be viable for everyone that uses Xano, just an idea.
Comments
-
You can do this yourself!
I would make a function that executes this header (e.g. source IP) validation. If it passes, return nothing. If it fails, run a precondition.
Then slap that function at the top of your API endpoints. That way it's one line to run the functionality (no change in logic for your endpoints) and you have one place (the custom function) to change your validation logic/criteria.
Categories
- All Categories
- 53 ? Announcements
- 47 ? Releases
- 37 ? Welcome
- 983 ? Help! I'm a Noob
- 125 ? No-Code Front-Ends
- 633 ? Working with APIs
- 439 ? Transforming data
- 126 ? Connect Xano to ...
- 50 ?? Find an Expert
- 348 ❓Other questions
- 35 ? Security
- 22 ✂️ Snippets
- 19 ? Showcase
- 7 ?️ Xano Chatter
- 62 ? Video Tutorials
- 171 ? Request a feature
- 229 ? Report a Bug
- 19 ? Templates & Extensions
- 7 ? Feedback