Translate
Hi all,
I am just getting started with GroupShare's REST API. The first thing I would like to do is restrict access to the API to specific IP addresses or some other suitable criterion. As far as I can tell, anyone with a user account on the GroupShare server and some basic knowledge of writing scripts in php, asp, etc. would in principle be able to access the API, log on and manipulate resources.
At first glance, it does not look like the calls to the API are handled by IIS (that is to say, the IIS log does not show any entries for API calls). So is there any way I can restrict access?
Another initial question is how long the bearer token returned after logging on will remain valid.
Regards,
Henk