Webservice - How to implement an anti phishing key in a service that accept a callback

Question

Webservice - How to implement an anti phishing key in a service that accept a callback

283 views Asked by André At 07 January 2014 at 13:26

I need to implement a web service that will receive a callback.

In my web application I will need to implement something like this:

http://mywebsite.com/callback?key=[an_anti_phishing_key]&otherparam1=[something1]&otherparam2=[something2]

A detailed explanation. There will be a 3rd party service that will request this URL with this parameters. And this service need that I implement an "anti phishing key" so that they can communicate securely with mywebsite.com

My doubt here is how to implement this anti phishing key in a secure manner.

Any ideas of possible implementations?

Original Q&A

There are 1 answers

**Pradeep Pati** · Answer 1 · 2014-01-08 02:58:56

Pradeep Pati On 08 January 2014 at 02:58

If you do a GET request as a client to the server over HTTP, it is susceptible to a Man-in-the-middle attack. What you can do is to allow only POST requests over HTTPS. That would be more secure than the former.

TechQA.

Webservice - How to implement an anti phishing key in a service that accept a callback

There are 1 answers

Related Questions in PYTHON

Related Questions in DJANGO

Related Questions in WEB-SERVICES

Related Questions in SECURITY

Related Questions in PHISHING

Popular Questions

Popular Tags

Trending Questions