Securing A Web API
-
I'm working on an ASP.Net Web API. I found [this article](https://code.tutsplus.com/tutorials/securing-aspnet-web-api--cms-26012). It seems pretty straightforward, but it's a few years old. Is this still the way to secure a Web API? If not, can someone point me in the right direction?
If it's not broken, fix it until it is. Everything makes sense in someone's mind. Ya can't fix stupid.
-
I'm working on an ASP.Net Web API. I found [this article](https://code.tutsplus.com/tutorials/securing-aspnet-web-api--cms-26012). It seems pretty straightforward, but it's a few years old. Is this still the way to secure a Web API? If not, can someone point me in the right direction?
If it's not broken, fix it until it is. Everything makes sense in someone's mind. Ya can't fix stupid.
You could set up a table in your database that contains authorization data (like an GUID that serves as an api key, and even further, api method name(s) that can be used by the key. You'd have to manually maintain the table unless you took the time to write a tool to assist you.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013 -
You could set up a table in your database that contains authorization data (like an GUID that serves as an api key, and even further, api method name(s) that can be used by the key. You'd have to manually maintain the table unless you took the time to write a tool to assist you.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013Thanks!
If it's not broken, fix it until it is. Everything makes sense in someone's mind. Ya can't fix stupid.
-
I'm working on an ASP.Net Web API. I found [this article](https://code.tutsplus.com/tutorials/securing-aspnet-web-api--cms-26012). It seems pretty straightforward, but it's a few years old. Is this still the way to secure a Web API? If not, can someone point me in the right direction?
If it's not broken, fix it until it is. Everything makes sense in someone's mind. Ya can't fix stupid.
