'Easiest/Best way to restrict people/unknown from accessing Django API?

I've written a Django API and it works well however I want to restrict people/unknown hosts from writing requests to the API. This is because I have a React Frontend deployed at example.com and I want to make sure that only example.com can send requests to the API.

I'm not entirely sure how to do this. I was trying to do research into cors however from looking at this thread How can I block calls from unknown domains/IP to my REST API?, it seems like cors can't prevent other hosts/unknown from making requests? I want to secure my API such that only my Frontend host at example.com can make requests to the API and other hosts can't (including stuff like Postman and curl shouldn't be able to make requests).

How do I go about doing this? Any help in the right direction is very much appreciated!

Thank you so much!

djangodjango-cors-headers


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Django models | get specific columns

Django models | get specific columns

Django models | get specific columns

Django models | get specific columns

Django models | get specific columns

python: can't open file 'manage.py': [Errno 2] No such file or directory

How to take a zipfile as a File object in django?

How to take a zipfile as a File object in django?

django: invalid syntax path('details/<int:id>/', views.details, name='details')

How do I install an old version of Django on virtualenv?

How to automatically login a user after registration in django

Took too long to shut down and was killed

Override save method of Django Admin

ValueError The QuerySet value for an exact lookup must be limited to one result using slicing on django views

django.core.exceptions.ValidationError: ['“” value must be a decimal number.']