I'm trying to play some private videos from my Vimeo account.
I don't want anyone to be able to downlod or access outside my app.
I don't care if I have to use a seperate server and do some PHP, but I want to be able to verify that the request to get the video came from my app and not someone random trying to see my video.
I'm open to the idea of moving my videos to somewhere else (not download with my app).
A way to verify that the person trying to access my video to watch is using my app.
You should try and use JWT (Json Web Token) to verify who is sending the request, you can use firebase and send the logged in user's token and use it's api to verify that the token is valid