I'm building an iPhone app that needs to communicate with a PHP api. It will send its data via POST. Not that I have any sensitive data concerns, but I am curious as to how I can ensure that the POST is coming from: the app; or the device; or at least an iPhone.
Jake Wharton's answer on this answer talks about a "known call and response pattern" and I will use that method if there is know other way: How to ensure/determine that a post is coming from an specific application running on an iPhone/iTouch?
I'm not needing SSL or anything, but I will implement low-tech protective measures where possible.