How do I restrict Google App Engine Endpoints API access to only my Android applications?

Question

I am an Android developer building my first Google App Engine (java) back-end for my apps. I don\'t want anybody else to access this API other than my app. (I plan to use Ap

Answer 1

Google provides ways to do this for Android, web and iOS The steps involves:

1. Specifying a client Id for apps you want to allow to make requests to your API
2. Adding a User parameter to all exposed methods to be protected by authorization.
3. Generating the client library again for any Android clients
4. Redeploying your backend API.
5. Updating the regenerated jar file to your Android project for your Android client.

These steps are laid out in clear detail on Google's Using Auth with Endpoints and also on this blog