How to be sure that my app is my app?

I want to protect my server against someone who would have replicate my iOS application and used the internal http calls, by decompiling or just by some way obtained my source code. I guess It would have something to do with iOS certificates but I’m not aware of the best practices and how does the industry prevents itself for this kind of attack. I’ve heard of certificates pinning but I believe this has to do with knowing that my server is really my server and not that the app my server is talking is really the app I built.

If someone knows about this specific subject I would be happy to hear how would he proceed, or if he could point me in the right direction it would be also very appreciated.