1 Reply Latest reply on Feb 18, 2013 7:43 AM by 991504

    Security in APEX RestFul Webservice


      I have discovered the power of the APEX Restful webservice API. But I have some doubts, and I am thinking in offer my data application in a restful webservice to a mobile app.

      If I do a function to validate user and password, how can avoid attacks from brute force to hack my users/passwords?
      If I offer my information about something how can avoid web crawling?

      I was thinking in use HTTPS and force to app mobile to pass some token to a parameter of every rest operation, but I don't know if it's too secure.