API Security: how to restrict access by domain?

Question

I\'m exposing a simple API and need to make sure only authorized users access it. I will be providing an API key to authenticate. However, I also want to associate the API k

Answer 1

HTTP+SSL is a complex protocol set that supports certificates for both server and the client, and probably could be used in this case, but somehow I feel this would be an overkill.