Verify frontend canister called backend canister

frederico02 · May 1, 2024, 12:34pm

I have an update call on my backend canister but I want to make sure that only my frontend can call it or identify that the front end is calling it and reject any other case. Is this possible? I’ve seen there are other posts related to this but they were a little old so I thought I’d ask again to see if there are any potential new ways.

Thanks,

Freddie

jennifertran · May 2, 2024, 6:48am

You require the authentication of a principal (including your canister’s principal) to access backend methods.

However, you cannot confirm which principal AND a specific frontend a call is coming from.

You can reference:

Topic		Replies	Views
Only allow update call from frontend canister Developers	2	326	August 4, 2023
Calling Main net from local development environment (via agents?) CDK	6	451	May 7, 2024
Can the canister recognize “update call” is from a frontend canister? Developers	8	1264	July 13, 2021
Rust Canister Signature verification Rust	0	151	February 7, 2024
How to upgrade canister and recovery data Developers Discussing , rust	0	105	June 6, 2024

Verify frontend canister called backend canister

Related topics