Securing ASP.NET Web API (v2)
If you want your services to be usable by arbitrary clients like browsers and mobile/desktop native apps, you need to model them as “web APIs”.
ASP.NET Web API is the framework from Microsoft to build such services and software systems with .NET. To effectively secure web APIs you need to understand the fundamental application types, HTTP security and a bunch of new technologies like OAuth2 and JSON Web Tokens.
We’ll walk you through typical web API architectures and their security requirements, and explain how you can implement these applications using the ASP.NET Web API v2 on the server and any technology on the client.
Topics covered -