I have been thinking of a way to make a secured request from a client to server (not in terms of implementing an SSL) but a way so that I can prevent spamming.
Allow me to explain what exactly I am looking for.
I have clients that make an HTTP request over REST to talk to my server and access its APIs. Now I have provided separate unique API keys to all customers which they use to authenticate themselves as the user. They use this API key as one of the parameter and make a POST / GET request to my server.
Now the problem is anyone who sees the API key can make spam request to my server acting as my customer.
Is there any way to prevent this? Like a private and public key concept? If yes, can someone link me to any ready made algorithm written in PHP which I can use and easily implement in my web app?
Many thanks in advance.