Leave a comment

Creating secure API using encryption Algorithms

Creating Secure API For Mobile

Here are the few steps we are taken to make more secure api’s in one of the project.

Firstly we created a signed_key from all the parameters we are sending from mobile by appending each parameters in alphabetical order

These signed_key also need to sent with parameters which is encrypted with secret key for ex – “Abc123$”

Now when a website get a request from the mobile. the website will also generate a signed_key by using all the parameters and that secret key .
we used Hmac-sha1 algorithm for encryption for better we can use more bit key as well.

Now when a signed_key created by mobile and signed_key created by web match then only we give response to him or else we will give a empty json response with 406 Status code header.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: