I have wrote couple of restful webservices. As part of security i have added SALT and signature param so that not anyone can access it.
These Services will be deployed under https. JSON request looks like below.
"salt" : "KVq88mTrqjoYPiCVhfmh4Q==",
"signature" : "ZinT6BvBZvBCzBTKaCPG4l+L8FuB4U9/575aDXaZ9yA="
SALT and SIGNATURE will be unique on every request.
My question is will this much security is enough or malicious user can also grab salt and signature and hit other endpoints. If yes, then what should can be done further to enhance security for rest calls ?