I was wondering about way to protect the App ID when connecting to photon cloud.
My main worry was to say someone modified the app to replace the App id with their own.
We are using photon realtime mainly as a relay so there isn't any server side logic.
After searching some and finding some topics
https://forum.photonengine.com/discussion/12244/security-question-about-safety-of-storing-app-id-in-project
I didn't think about someone taking our App ID and using it somewhere else.
https://forum.photonengine.com/discussion/13349/please-change-my-app-id
What is the best practice to try and secure this, as just keeping it a string is not secure, even if downloading it upon app startup it could be detected.
Is there a way to issue a temporary key or app id from an authenticating server that once the client logged in they could be given a temporary key that would let them connect.
Thanks
↧