Two use cases:
Let’s say you wanted to record troubleshooting information from inside your package. However, you don’t want endusers (at the applications* level) to have access to your api for sending the diagnostic info.
Is there a way to send an api request that’s salted in a way that the user can’t feasibly break it?
*using the nomenclature of: Distinguishing projects from packages
Let’s say you have some jupyter-based web form that boils down someone’s preferences to a single api request that stores the associated information in some company-owned SQL database.
Again, “Is there a way to send an api request that’s salted in a way that the user can’t feasibly break it?”
The setups are completely hypothetical. They are assumed to be unhackable and take some finite amount of time to complete by a user.
The main question is:
- Is there a way to send an api request that’s doesn’t allow a user to modify it (and still have it work)?