Verify frontend canister called backend canister

frederico02 · May 1, 2024, 12:34pm

I have an update call on my backend canister but I want to make sure that only my frontend can call it or identify that the front end is calling it and reject any other case. Is this possible? I’ve seen there are other posts related to this but they were a little old so I thought I’d ask again to see if there are any potential new ways.

Thanks,

Freddie

jennifertran · May 2, 2024, 6:48am

You require the authentication of a principal (including your canister’s principal) to access backend methods.

However, you cannot confirm which principal AND a specific frontend a call is coming from.

You can reference:

Topic		Replies	Views
Only allow update call from frontend canister Developers	2	313	August 4, 2023
Calling Main net from local development environment (via agents?) CDK	6	438	May 7, 2024
Can the canister recognize “update call” is from a frontend canister? Developers	8	1231	July 13, 2021
How to upgrade canister and recovery data Developers Discussing , rust	0	103	June 6, 2024
What is the best way to call a backend function on a frontend canister? Rust	2	630	October 16, 2023

Verify frontend canister called backend canister

Related Topics