Application-Level Data Security
We’re pleased to announce an all-new security feature for the CloudMine platform. You can now use our new API key rules interface to secure application-level data, allowing you to restrict access to your data without requiring your users to log in.
APIs like CloudMine usually restrict access to their data via the use of an API key, or token, that is sent with each request to perform authentication on the server. The problem with this is that the key must be embedded in code. This offers a small level of protection from malicious users, but a motivated person could still decompile the app and get the key without too much effort.
How It Works
If you just want to jump in and play around with the new feature, head on over to your CloudMine Dashboard. Read the quick blurb about how the system is organized, make a new API key, and apply some rules to it. You can use the API Console to explore how your results change depending on which rules you’ve defined.
When you’re satisfied that the rules you’ve created are what you want for your app, you can either apply them to your current API key, or redistribute your app with the new key. If you need more detailed information, visit the App-Level Data Security section of our API documentation.
We have a lot of pride in the new features we’re bringing you, and we’re excited to see how developers end up using it. If you have any questions or comments, don’t hesitate to drop us a line on Twitter or via email.