From the course: Building and Securing RESTful APIs in ASP.NET Core
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Authentication for REST APIs - ASP.NET Core Tutorial
From the course: Building and Securing RESTful APIs in ASP.NET Core
Authentication for REST APIs
- [Instructor] In the previous video, we looked at some common HTTP Authentication Schemes. Which scheme makes the most sense for our RESTful API depends on a few factors. The primary question you should consider when deciding on an authentication scheme for your RESTful API is who or what is the target audience? And what credentials will they use to authenticate with your API? If you're building an API service that will be used by other developers, you'll most likely wanna issue API keys for your service. This also applies if you're building an API that will primarily be used for machine to machine or service to service communication. For this scenario, you could consider using basic authentication if you're not too worried about security. A more secure choice would be the OpenID Connect client credentials flow or the API key in secret are exchanged for a bearer token. On the other hand, if you're designing an API that will be consumed by an end user application like a single page…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
(Locked)
How HTTP authentication works3m 39s
-
(Locked)
Authentication for REST APIs3m 21s
-
(Locked)
Add Identity4m 51s
-
(Locked)
Add a test user3m 21s
-
(Locked)
Create a users collection5m 45s
-
(Locked)
Create a registration route6m 9s
-
(Locked)
Add OpenIddict4m 12s
-
(Locked)
Add a token endpoint2m 6s
-
(Locked)
Create a UserInfo route5m 28s
-
(Locked)
More about OpenID Connect2m 59s
-
(Locked)
Authorization using policies5m 19s
-
(Locked)
-