Question

Security way to community between APPs ?

I’m working on my apps, but I can’t figure out how to establish a secure method for sending APIs between them. I have a Nuxt.js frontend hosted on a DigitalOcean (DO) App, a Node.js backend also hosted on a DO App, and a MongoDB database hosted on a DO Database. However, the apps don’t inherently come with static APIs. Is there any way to specify that the source of a request is from one of my other apps? I’m aiming to configure Node.js to only accept requests from the Nuxt.js server and ensure that MongoDB only accepts requests from the Node.js backend. I used to check IP of source request but on DO APP level, I have no idea at all.


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
January 8, 2024

Hello there,

To establish secure communication between your Nuxt.js frontend, Node.js backend, and MongoDB database on the DigitalOcean App Platform, there are several practices and features you can leverage.

Firstly, for secure API communication, ensure that your applications use HTTPS for all communications. This encrypts data in transit and is a fundamental security measure. DigitalOcean App Platform supports HTTPS, so make sure it is properly configured for your apps.

Secondly, implement robust API authentication and authorization mechanisms. Consider using OAuth tokens, JWT, or API keys. This way, your Node.js backend will only accept requests from your authenticated Nuxt.js frontend, and similarly, your MongoDB database will accept connections only from your authenticated Node.js backend.

Regarding internal communication and ensuring that your MongoDB database only accepts connections from your Node.js backend, you should consider using DigitalOcean’s managed databases. This allows you to link your databases directly within the App Platform, which you can configure to be accessible only by your specific services by using the trusted sources feature:

https://docs.digitalocean.com/products/app-platform/how-to/manage-databases/

Hope that this helps!

Best,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel