I'm in the process of architecting a mobile application and we're considering adding header security to the PHP file that's currently generating the app's XML data. So when the app requests the XML document it also sends a custom header with a secret key and some other encrypted values that the PHP script can validate.
Any suggestions on a robust way to achieve this?
I see IBM has documented something similar but it's designed for SOAP requests.
Thanks for your help