From the course: Building and Securing RESTful APIs in ASP.NET Core

Unlock the full course today

Join today to access over 22,600 courses taught by industry experts or purchase this course individually.

Authentication for REST APIs

Authentication for REST APIs - ASP.NET Core Tutorial

From the course: Building and Securing RESTful APIs in ASP.NET Core

Start my 1-month free trial

Authentication for REST APIs

- [Instructor] In the previous video, we looked at some common HTTP Authentication Schemes. Which scheme makes the most sense for our RESTful API depends on a few factors. The primary question you should consider when deciding on an authentication scheme for your RESTful API is who or what is the target audience? And what credentials will they use to authenticate with your API? If you're building an API service that will be used by other developers, you'll most likely wanna issue API keys for your service. This also applies if you're building an API that will primarily be used for machine to machine or service to service communication. For this scenario, you could consider using basic authentication if you're not too worried about security. A more secure choice would be the OpenID Connect client credentials flow or the API key in secret are exchanged for a bearer token. On the other hand, if you're designing an API that will be consumed by an end user application like a single page…

Contents