Serving static assets for my apps,how to authenticate?

I have an android app which is larger than 100 mb. I tried to use expansion file but the cordova plugin was problematic. I still can’t figure it out how to make it work. I am thinking about serving my assets files from a web server but I don’t want to make the download url public. I’d like to make sure only my app can download the files. How should I do the authentication? I am considering using aws s3 for storing my assets. Or do you recommend other ways of serving static assets?
Any help would be much appreciated.

Sadly, what you describe, although it sounds reasonable, is categorically impossible, unless you control the distribution of the app binary itself.

Anybody with a copy of the app binary can masquerade as “the app” for all practical purposes.

Just to backup @rapropos - on the simplest version you could just put the content on a url that’s not easily discoverable, like a guid.


Many thanks for your reply! Then I will just choose any CDN to serve the files.

Many thanks again for your help!