Securing access to PHP API

Question

I have an iPhone app that is using my php api on the server but it is currently open if someone knows the url. I want to make sure that no one can use this API until I am re

Answer 1

HTTPS the API and use an API key. Then you'll know that only people (you in this case) with the key can have access to the API.

You're correct about it not being more secure. That's why I suggest you SSL the connection. Unless you plan on encrypting everything you transmit back and forth.

The public/private key scenario will also work well. HTTPS requires very minimal effort.