Public API on Mobile App


The Ghost API section says I must add my domain as a trusted domain in order to successfully use the service. I was wondering how this would work for a Mobile App, since there is no domain for that. Is this something that can be worked around? Or maybe there is a solution planned for the future?


Trusted domains are only necessary if you plan on using the API in the browser because of CORS - Ghost needs to send special headers authorizing the domain; if it doesn’t, the browser will modify the response as a failure. When developing for a mobile app you don’t have that issue, so you can just send the credentials.