subject:"\[google\-appengine\] Re\: Process to Authenticate WebAPI of GAE"

[google-appengine] Re: Process to Authenticate WebAPI of GAE

2018-03-12 Thread 'Kenworth (Google Cloud Platform)' via Google App Engine

Is your app running on GAE Standard? If so, you can use the flag "login: admin" to restrict access to admin users only . This is separate from the Firewall solution. -- You received this message because you are subscribed t

[google-appengine] Re: Process to Authenticate WebAPI of GAE

2018-03-12 Thread udit sharma

Hi Kenworth, Thanks for the reply. As I said I am using the Firebase Database secrets to make calls between GAE and Firebase Database. I do not have any problem over that, My problem is the Hosted API on GAE. That API is not secure, anyone with the API endpoints and URL structure can query i

[google-appengine] Re: Process to Authenticate WebAPI of GAE

2018-03-09 Thread 'Kenworth (Google Cloud Platform)' via Google App Engine

It seems Firebase Database Security Rules API can be used to set rules to limit/grant access to their DB. For example, developers can restrict access to only emails coming from your domain