I would like my iPhone app to store & get data from my App Engine application, but how can I make sure only my app makes these requests?
Do I have to make a gmail account, and let that account login as administrator to my Google App Engine application? So I can use that account from within my iPhone app to handle the request?
I just don't want non iPhone app users to access the app engine application. Any idea's?
You can define your own API, and use whatever authentication method you prefer. You'll need to embed some sort of secret in your app that you use to authenticate with - for example, a randomly generated secret key.
In general, it's not possible to embed a key in user software that users can't extract. You have a slight advantage on the iPhone, because it's a very controlled platform: Most users have no way of accessing your app's binaries. You're still vulnerable to a user with a rooted iPhone disassembling your app and retrieving the secret, however - and there's nothing you can do about that.
Alternately, you can require users of your app to sign up for an account with your app, and authenticate users individually.
