Question

Security way to community between APPs ?

I’m working on my apps, but I can’t figure out how to establish a secure method for sending APIs between them. I have a Nuxt.js frontend hosted on a DigitalOcean (DO) App, a Node.js backend also hosted on a DO App, and a MongoDB database hosted on a DO Database. However, the apps don’t inherently come with static APIs. Is there any way to specify that the source of a request is from one of my other apps? I’m aiming to configure Node.js to only accept requests from the Nuxt.js server and ensure that MongoDB only accepts requests from the Node.js backend. I used to check IP of source request but on DO APP level, I have no idea at all.


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
January 8, 2024

Hello there,

To establish secure communication between your Nuxt.js frontend, Node.js backend, and MongoDB database on the DigitalOcean App Platform, there are several practices and features you can leverage.

Firstly, for secure API communication, ensure that your applications use HTTPS for all communications. This encrypts data in transit and is a fundamental security measure. DigitalOcean App Platform supports HTTPS, so make sure it is properly configured for your apps.

Secondly, implement robust API authentication and authorization mechanisms. Consider using OAuth tokens, JWT, or API keys. This way, your Node.js backend will only accept requests from your authenticated Nuxt.js frontend, and similarly, your MongoDB database will accept connections only from your authenticated Node.js backend.

Regarding internal communication and ensuring that your MongoDB database only accepts connections from your Node.js backend, you should consider using DigitalOcean’s managed databases. This allows you to link your databases directly within the App Platform, which you can configure to be accessible only by your specific services by using the trusted sources feature:

https://docs.digitalocean.com/products/app-platform/how-to/manage-databases/

Hope that this helps!

Best,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.