Web API v2 Security

Implementing Authentication and Authorization in ASP.NET Web API v2.
Course info
Rating
(931)
Level
Intermediate
Updated
Apr 12, 2014
Duration
6h 12m
Table of contents
Overview
HTTP Security Primer
ASP.NET Web API Security Architecture
Classic Authentication and Katana Authentication Middleware
JavaScript and Browser-based Clients
Token-based Authentication - Part 1
Token-based Authentication - Part 2
Authorization
Description
Course info
Rating
(931)
Level
Intermediate
Updated
Apr 12, 2014
Duration
6h 12m
Description

The main feature focus of ASP.NET Web API v2 was security. There's a brand new authentication system and support for popular authentication methods, like OAuth2 tokens, that is already built-in. Additionally, it is now much easier to use Web APIs from JavaScript clients and the new security extensibility gives you powerful features to integrate your APIs in arbitrary security systems.

Course FAQ
Course FAQ
What is Web API?

Basically a Web API is an application programming interface for either a web server or a web browser. It's a framework for building HTTP-based services that are accessible in different apps and on different platforms.

What's different between Web API version 1 and version 2?

In Web API version 1 security was mainly based on hosting specific features. In Web API v2 there's a completely new hosting infrastructure, new authentication infrastructure, and a lot of options around authorization, including token-based authentication and dual authorization.

Who is this course for?

This course is for anyone who wants to learn how to use Web API v2 and secure your APIs against attacks with effective authentication and authorization.

Are there prerequisites for this course?

This is an intermediate level course, so it assumes some prior experience with ASP.NET and in building and working with APIs. JavaScript and web dev skills will also help speed up the learning curve.

About the author
About the author

Dominick works as an associate consultant for the Germany-based company thinktecture. His main area of focus is security in general and identity & access control in particular.

More from the author
Identity and Access Control in WCF 4.5
Intermediate
3h 12m
Dec 14, 2012
More courses by Dominick Baier