indobase Cloud serves all endpoints over an HTTPS connection by default. Requests made through an unsecure HTTP connection will be redirected to.
Redirected requests will show a 301 response status.
HTTP/1.1 301 Moved Permanently
Content-Type: application/json
Location: https://<REGION>.cloud.indobase.io/v1/<ENDPOINT>
indobase Cloud does not support HTTP, which is a common practice in modern development, because unencrypted HTTP traffic is dangerous and exposes sensitive user data to malicious attackers.
Strict-Transport-Security
indobase uses the Strict-Transport-Security header to inform browsers that the website should only be accessed using HTTPS, further protecting against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. By enforcing HTTPS, indobase Cloud's endpoint will always be served over a secure connection, which helps protect users' data and privacy.
Custom domains
You can add a custom domain to your indobase project so you can access indobase API endpoints on your own domain. indobase will generate TLS certificates for your domain and enforce HTTPS communication.
Function domains
indobase generates domains for indobase Functions so they can be executed through HTTPS requests. indobase also generates TLS certificates for these domains to enforce HTTPS communication.