Testing an HTTPS site locally with Postman requires some additional configuration. Nate explains how to configure Postman and test the project over HTTPS.
- [Instructor] We've configured our application to redirect HTTP requests to HTTPS, and we can use Postman to verify that that redirect is working. I'll start out the application. In Postman, I want to change the settings a little bit. If I turn off automatically follow redirects, I can see the redirect that the application sends back. Now, I'll issue a get request to the HTTP, or unencrypted port, and now the application responds with 302 found. In the headers, we can see the location that it wants us to redirect to is the HTTPS port, so I can make a request to that and see what happens.
Now, I get an error. Actually, it just looks like an error, but it's really Postman being cautious. The certificate that IS Express uses for SSL in development, is a self-signed certificate, which is a bad thing out on the internet, but it's fine for local development. We can temporarily disable this SSL certificate check. In production, of course, your web server will use a properly signed SSL certificate. If we go back to settings, we can turn off SSL certificate validation in Postman. If we retry this request, now it works fine.
This response came over an encrypted HTTPS connection, and now any client connecting to the API will be redirected to an encrypted connection automatically. To increase that security guarantee even further, we can return some additional headers in the response.
- REST vs. RPC
- Using HTTP methods (aka verbs)
- Returning JSON
- Creating a new API project
- Building a root controller
- Routing to controllers with templates
- Requiring HTTPS for security
- Creating resources and data models
- Returning data and resources from a controller
- Representing links (HREFs)
- Representing collections
- Sorting and searching collections
- Creating forms
- Caching and compression
- Authentication and authorization for RESTful APIs
Skill Level Intermediate
Deploying ASP.NET Core Applications (2017)with Nate Barbettini57m 57s Intermediate
1. REST API Concepts
2. Building a Basic API
3. Securing the API
4. Representing Resources
5. Representing Links
6. Representing Collections
7. Sorting Collections
8. Searching Collections
9. Forms and Modifying Data
10. Caching and Compression
11. Authentication and Authorization
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.