I'm creating this Python package that makes calls to an API server, which runs some proprietary source code. I want the users of this package access to the API endpoints but not necessarily have access to API urls, how would I implement this?
Asked
Active
Viewed 20 times
0
-
maybe sdk you are looking into, from this code/package, connects with your server, and pasrse the request data (in server ) such way that they understand what resource it is looking into – sahasrara62 May 26 '23 at 19:43
1 Answers
0
It depends on what your goal is
If you simply dont want people to know the api url , thats basically immpossible cause a person will eventually find it out after doing some digging.The notion of security in obscurity is pretty much bs
Best you can do is to obfuscate your package with something like pyarmor , hyperion or beserker
Or you can make a proxy/relay server which the package communicates with and the proxy/relay then communicates with the server
If you want to prevent unauthorized access to the api , use api tokens and tell the users to use their own tokens
Global-Occult
- 80
- 6