I am inspecting the caller in the backend canister ic_cdk::api::caller() and try to only allow the frontend canister to make update call. But I found out the caller is always 2vxsx-fae (anonymous).
I don’t want anyone to call the update call directly using canlista or http, but only through frontend. Is there a good way to do this?
This is related https://forum.dfinity.org/t/can-the-canister-recognize-update-call-is-from-a-frontend-canister/ but seems there was no good solution back then