How can I set my Backendless account and API to be accessible only by whitelisted IPs?

How can I set my Backendless account / API to be accessible only from my particular production and development IP addresses (and not from anyone else’s)?

Other APIs I’ve used have allowed me to restrict access based on IP. Otherwise, a stranger could just “view source” from my website, copy the code, host it on their own computer, and start controlling my cloud data.

I’d rather lock it down such that only my local home IP and the IP of my production server are allowed to authenticate with the Backendless API.

Hi Ryan,

White/black list of IPs is available only in the Managed Backendless version of Backendless. The Cloud edition does not have that capability.

As a side note, a proper way to secure a Backendless app should be done by utilizing the security mechanisms built into the service. That is with the roles/user-based security and establishing proper permissions for each applicable role.

The “secret keys” are being renamed to “API Keys” for the reason that they are not really meant to be secret and lead to confusion.

Regards,
Mark