Secure data during ajax call from phonegap app to web services without cookie security

I want to secure my ajax call from my app using phonegap to web services returning json.

Usually when you log in a cookie sec开发者_运维百科urity is created but I can't use cookies in my app and I would like something more secured than HTTPS.

Do you have ideas ?

Many web apis will use a token generated by the server and passed back to the client application (your mobile). Then it is the responsibility of the application to provide that token on every request to maintain the "session". Then, of course, your application will need to accept that token, verify that it is good and then use it to retrieve any client specific information.

Using a web server's built-in session management with cookies is many times much easier, but does have downsides of its own. Building your own session management has benefits like sometimes making it easier to scale and being able to persist sessions beyond server restarts and across clusters. However it is harder to implement and you must make sure your app always sends back the tokens.