What is the best "Web API Authentication" practice?

0 votes

Which one is the best authentication approach for an Web API, considering that the data security is essential and the ASP.NET application runs on Azure?

Aug 6, 2018 in Azure by cloudie_crank
• 1,610 points
48 views

1 answer to this question.

0 votes

Talking about the best practice, consider the below scenario:

When dealing with authentication and securing your Web API I recommend you follow the guidelines set by Dominick Baier. There might be no better expert on ASP.NET identity management in the world.

You can find his blog at http://leastprivilege.com/ and a great Web API Identity package at Nuget, Thinktecture.IdentityModel - http://nuget.org/packages/Thinktecture.IdentityModel As with most of the good open source libraries, since all the functionality is available for your for free, there is no need to reinvent the wheel.

This is a top-to-bottom identity & access control library for .NET 4.0/WIF and .NET 4.5 (including support for MVC and Web API).

If you want to learn more about securing your Web API, you should also watch this video http://vimeo.com/43603474 - Dominick's talk from NDC Oslo 2012.

answered Aug 6, 2018 by null_void
• 3,220 points

Related Questions In Azure

0 votes
1 answer
0 votes
1 answer

How different is Web job from Worker role?

Some of the basic yet valid differences ...READ MORE

answered May 10, 2018 in Azure by club_seesharp
• 3,450 points
21 views
0 votes
1 answer

Error: Install-Module : The term 'Install-Module' is not recognized as the name of a cmdlet

Since you are using the lower version ...READ MORE

answered Jun 20, 2018 in Azure by null_void
• 3,220 points
1,388 views
0 votes
1 answer
0 votes
1 answer

Error: The subscription is not registered to use namespace 'Microsoft.DataFactory

In Azure, for each functionality there's a ...READ MORE

answered Aug 24, 2018 in Azure by null_void
• 3,220 points
66 views
0 votes
1 answer

Cannot delete blob: There is currently a lease on the blob and no lease ID was specified in the request

Alternatively, you can just kill the lease ...READ MORE

answered Sep 24, 2018 in Azure by club_seesharp
• 3,450 points
432 views
0 votes
1 answer

Is it possible to access performance counter in Microsoft Azure Web App?

No, it is not supported on Azure ...READ MORE

answered Jul 4 in Azure by Perry
• 17,020 points
27 views
+1 vote
4 answers

Where to find the Microsoft.IdentityModel dll?

I finally found this Nuget package: https://www.nuget.org/packages/Microsoft.SharePointOnline.CSOM, which ...READ MORE

answered Oct 23, 2018 in Azure by Trisha
522 views
0 votes
1 answer

Is there a logical difference between WebApp and API app in Azure?

Basically there was only minute differences between ...READ MORE

answered Apr 26, 2018 in Azure by null_void
• 3,220 points
36 views
0 votes
1 answer

Where is the storage account name and access keys on the portal?

In the image under the connection string ...READ MORE

answered May 21, 2018 in Azure by null_void
• 3,220 points
16 views