What is the best "Web API Authentication" practice?

0 votes

Which one is the best authentication approach for an Web API, considering that the data security is essential and the ASP.NET application runs on Azure?

Aug 6, 2018 in Azure by cloudie_crank
• 1,610 points
71 views

1 answer to this question.

0 votes

Talking about the best practice, consider the below scenario:

When dealing with authentication and securing your Web API I recommend you follow the guidelines set by Dominick Baier. There might be no better expert on ASP.NET identity management in the world.

You can find his blog at http://leastprivilege.com/ and a great Web API Identity package at Nuget, Thinktecture.IdentityModel - http://nuget.org/packages/Thinktecture.IdentityModel As with most of the good open source libraries, since all the functionality is available for your for free, there is no need to reinvent the wheel.

This is a top-to-bottom identity & access control library for .NET 4.0/WIF and .NET 4.5 (including support for MVC and Web API).

If you want to learn more about securing your Web API, you should also watch this video http://vimeo.com/43603474 - Dominick's talk from NDC Oslo 2012.

answered Aug 6, 2018 by null_void
• 3,220 points

Related Questions In Azure

0 votes
1 answer

How to add a body to a HttpWebRequest that is being used with the Azure Service management API?

The following code should help: byte[] buf = ...READ MORE

answered Apr 3, 2019 in Azure by Prerna
• 1,940 points
61 views
0 votes
0 answers

What is the use of cloud service configuration file (.cscfg) in azure?

What is the use of cloud service ...READ MORE

Sep 30, 2019 in Azure by Pratibha
• 3,690 points
77 views
0 votes
1 answer
0 votes
1 answer

How different is Web job from Worker role?

Some of the basic yet valid differences ...READ MORE

answered May 10, 2018 in Azure by club_seesharp
• 3,450 points
41 views
0 votes
1 answer

Error: Install-Module : The term 'Install-Module' is not recognized as the name of a cmdlet

Since you are using the lower version ...READ MORE

answered Jun 20, 2018 in Azure by null_void
• 3,220 points
1,795 views
0 votes
1 answer
0 votes
1 answer

Error: The subscription is not registered to use namespace 'Microsoft.DataFactory

In Azure, for each functionality there's a ...READ MORE

answered Aug 24, 2018 in Azure by null_void
• 3,220 points
120 views
0 votes
1 answer

Is there a logical difference between WebApp and API app in Azure?

Basically there was only minute differences between ...READ MORE

answered Apr 26, 2018 in Azure by null_void
• 3,220 points
68 views
0 votes
1 answer

Where is the storage account name and access keys on the portal?

In the image under the connection string ...READ MORE

answered May 21, 2018 in Azure by null_void
• 3,220 points
28 views