发表新帖
发表新帖

iOS: Is there a safe way to include an API key in the code?

前端 未结
关注
4 1721
没有蜡笔的小新
没有蜡笔的小新 2020-12-18 06:46

Amazon has an AWS SDK for iOS, along with several sample apps. In their samples, they put the API credentials in a Constants.h file:

// Constant
4条回答
  • 暗喜
    暗喜 (楼主)
    2020-12-18 07:36

    You'll probably want to create temporary write credentials using AWS STS tokens instead of passing keys all the way to the client. You can also create OAIs for CloudFront endpoints so no users directly access S3.

    http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

    0 讨论(0)
 看不清?
提交回复
热议问题