Web API is a pretty sexy REST stack (though others are cool too). As I’ve been talking about it a lot lately, the biggest question by far is authentication and authorization. There are many options including OAuth, Token-based authentication, basic authentication, and even custom solutions. One option that should be included is to use your existing ASP.NET Forms-Based Authentication.
As a preview to my recently released course on ASP.NET Web API, we’ve released a clip that shows you how to piggy-back on ASP.NET Authentication to protect your Web API interfaces:
While this is useful in some use-cases, you’ll probably need to also support other mechanisms like OAuth, Token Auth and others. I cover many of these in my “Securing Web API” module of the Pluralsight course. The course covers building an API from scratch including coverage of security, versioning, using REST constraints and working with models. If you have a subscription, you might be interested in the whole course:
Let me know what you think!
|Building a Web App with ASP.NET5, MVC6, EF7, and AngularJS (New)|
|Best Practices in ASP.NET: Entities, Validation, and View Models|
|Front-End Web Development Quick Start|
|Lessons from Real World .NET Code Reviews|
|Node.js for .NET Developers|
|Implementing ASP.NET Web API|
|Building a Site with Bootstrap, AngularJS, ASP.NET, et al.|
|Application Name||WilderBlog||Environment Name||Production|
|Application Ver||22.214.171.124||Runtime Framework||.NETCoreApp,Version=v1.0|
|App Path||D:\home\site\wwwroot||Runtime Version||.NET Core 126.96.36.199|
|Operating System||Microsoft Windows 6.2.9200||Runtime Arch||X86|