i'm creating HTTP Server using TIdHTTPServer as back-end for mobile application.
The mobile app send requests to the server to get some information form MS Active directory i want to prevent other clients such browsers or attacker to obtain information from my server.
My question is how i can secure the HTTP Server to accept requests only form my client not others?
I'm looking for guidance here.