Is it possible to gate a canister endpoint by domain?

Sometimes, developers may want to gate specific canister API endpoints by a specific domain or accessing the endpoint, instead of by principal.

Are there any strategies available for doing this that don’t rely on additional infrastructure, such as placing a web2 server in between the canister and frontend client?

1 Like

In general, there is no reliable way to gate API access based on domain. On ICP or outside. You can use IP filtering or require calls to be authenticated somehow: JWT, etc

1 Like