I have an ecommerce site where I have some public API endpoints. I want to secure those endpoints. For example, I have an endpoint like /products which is public api endpoint. But I want to make my api secure so that only my application and my mobile app can access this endpoint.