How to validate the origin of a web service invokation

Question

Suppose you have a mobile application (Windows Phone or Android) that connects yo your back-end using SOAP.

For making it easy, let\'s say that we have a Web Service

Answer 1

You can use the following way to secure and to track your requests to server.

1. You can force the mobile or web clients to send you a Custom Headers of the device type when accessing your webservice through REST methods

2. Use basic http authentication by forcing each client to have their own username and passwords provided by you as a authorized webservice provider..

3. If you need more advanced protection you can use OAuth 2.0 to secure your webservice.