#Allow one IP address to consume REST API endpoints?

2 messages · Page 1 of 1 (latest)

shadow fossil Dec 5, 2022, 9:38 AM

I was wondering whether it is acceptable to allow only the IP address of the server that consumes REST API endpoints of another application (both within our administration, we developed both). Is it okay to do this or should we still use API tokens?

hazy oracle Dec 5, 2022, 9:39 AM

IP addresses can be spoofed so yes, use authentication like tokens.