Protecting Json

Question

Let's suppose I have an API that returns 1000 books.
These books took time to be registered and to have all their information catalogued.

Then my frontend application accesses this API and provides this information to my clients.
However several competitors visit my site, copy the json back from the networks tab and thus save work.

Is there any way to protect this?

Thx

Answer 1

Welcome to web development, this is a problem that is not easily solved.

If you want your data to be private then require authentication before your API can be used. OAuth client credentials is common for APIs but you could use something else as well. Of course then you need to ensure that all valid users have a client account. If you manage access to your APIs then you have control over who can call it. Of course nothing prevents your competitors from requesting access and you granting it. Then they can download the data. There isn't an automated approach to working around that.

Yet another approach is to have tiers of data access. Perhaps the public can access a small subset of the data and an account is required for more information.

And another thing to consider is using rate limiting or throttling on API calls. If you limited a caller to a certain number of calls at a time then you can slow down competitors but eventually they will still get all the data. But it just makes it slower.

Answer 2

also it does not help to produce html instead. There are several tools for screen scraping to convert the html into data.