I'm new to piwik and started using tracking api for android and ios apps.
Right now I set server url and site ID and then I can send visits, tracks, etc. there is not any kind of authentication for that. (I know there is, but it is for some overridden parameters like cip, cdt, country, region, city, lat, long)
So anyone knowing my url and site id can send tracking requests. How can I prevent that and only accept requests from my apps?