Why don't APIs support IP address authentication?<p>For APIs focused on server based apps, this should work as well as anything else.<p>It's not possible to duplicate an IP --- the communication gets broken. If the server gets compromised --- well, any pre-shared keys are likewise compromised so the result is the same.<p>There are a few services that support this but not very many.