Protecting Json

ANB 181 Reputation points
2022-01-20T21:41:59.863+00:00

Let's suppose I have an API that returns 1000 books.
These books took time to be registered and to have all their information catalogued.

Then my frontend application accesses this API and provides this information to my clients.
However several competitors visit my site, copy the json back from the networks tab and thus save work.

Is there any way to protect this?

Thx

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,141 questions
{count} votes

Accepted answer
  1. Michael Taylor 47,716 Reputation points
    2022-01-20T22:41:13.447+00:00

    Welcome to web development, this is a problem that is not easily solved.

    If you want your data to be private then require authentication before your API can be used. OAuth client credentials is common for APIs but you could use something else as well. Of course then you need to ensure that all valid users have a client account. If you manage access to your APIs then you have control over who can call it. Of course nothing prevents your competitors from requesting access and you granting it. Then they can download the data. There isn't an automated approach to working around that.

    Yet another approach is to have tiers of data access. Perhaps the public can access a small subset of the data and an account is required for more information.

    And another thing to consider is using rate limiting or throttling on API calls. If you limited a caller to a certain number of calls at a time then you can slow down competitors but eventually they will still get all the data. But it just makes it slower.


1 additional answer

Sort by: Most helpful
  1. Bruce (SqlWork.com) 55,196 Reputation points
    2022-01-21T18:26:54.927+00:00

    also it does not help to produce html instead. There are several tools for screen scraping to convert the html into data.

    0 comments No comments