Re: FCrDNS alternative

g.siang · ‎07-19-2020

We are trying to whitelist Fitbit source IPs based on recommended approach FCrDNS. But AWS API Gateway appears not to be supporting this. Is there any other way to have some access control to the updates API with AWS API Gateway?

LifeOmic-Dev · ‎07-20-2020

I brought up a similar question a while back in this thread. It doesn't seem like an alternative will be provided.

g.siang · ‎07-28-2020

Thanks for the advise. Using the signature header is one way but, the point of doing this earlier at the gateway level is to potentially block malicious attackers from hitting the backend with many invalid requests. So I am still looking for a viable alternative.

g.siang · ‎09-01-2020

I would appreciate if FitBit support team can advise.

LifeOmic-Dev · ‎09-03-2020

This wasn't a blocker for my team, but we also would have appreciated the additional layer of security. I was just made aware of feature requests recently and created a request to address this issue: FCrDNS Alternative - Add API Keys to Subscriptions.

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

FCrDNS alternative

g.siang

LifeOmic-Dev

g.siang

g.siang

LifeOmic-Dev