I am trying to figure out a way to handle an incoming broadcast inside App B. I want to make sure that it will only continue if it is originally broadcast from App A. I found a bunch of resources, the clearest of which was this article:
The thing that I am unclear on, in terms of using custom permissions, is where do I define the permission (App A or B) and where/how do I request the permission (App A or B). And how does this setup prevent App C from a malicious source from just requesting the same permission.
I am sure I am just missing something simple, but I can’t see it.
Also, I am not against using the same certificate/signature for permissions, since I am the developer of both App A and B, but I want to understand this first.