I am developing a .NET WebApi that will be accessed by IOS app and from a website with angular. Some parts of the api data is public. That means we will not ask for user to login to view this data.
But we don't want others to use this api to access these data. These data has some commercial value and we are only publishing it free for our website and APP users.
We thought about an API KEY. But anyone might be able to access this key from client JavaScript or if they de-compile the app.
What might be a good solution to allow public users to access this data through only our site/app, but restrict other users from accessing it.
