Language

Security issues for Web API.

  1. ASP.NET Identity

    The ASP.NET Identity system is designed to replace the previous ASP.NET Membership and Simple Membership systems. It includes profile support, OAuth integration, works with OWIN, and is included with the ASP.NET templates shipped with Visual Studio 2013.

  2. Authentication and Authorization

    By Mike Wasson|

    Gives a general overview of authentication and authorization in ASP.NET Web API.

  3. Individual Accounts in Web API

    By Mike Wasson|

    With Visual Studio 2013, Web API now supports individual accounts, using OAuth2 bearer tokens for authorization.

  4. External Authentication Services

    By Robert McMurray|

    Learn how to use External Authentication Services with Web API and Single Page Applications.

  5. Basic Authentication

    By Mike Wasson|

    Describes using Basic Authentication in ASP.NET Web API.

  6. Forms Authentication

    By Mike Wasson|

    Describes using Forms Authentication in ASP.NET Web API.

  7. Integrated Windows Authentication

    By Mike Wasson|

    Describes using Integrated Windows Authentication in ASP.NET Web API.

  8. Enabling Cross-Origin Requests in Web API

    By Mike Wasson|

    Shows how to support Cross-Origin Resource Sharing (CORS) in ASP.NET Web API 2.

  9. Preventing Cross-Site Request Forgery (CSRF) Attacks

    By Mike Wasson|

    Describes the cross-site request forgery (CSRF) attack and how to implement anti-CSRF measures in ASP.NET Web API.

  10. Securing ASP.NET Web APIs

    In this video, Dominick Baier of thinktecture talks about authentication and authorization in Web API.

  11. Working with SSL

    By Mike Wasson|

    Shows how to use SSL with ASP.NET Web API, including using SSL client certificates.

  12. OWIN and Katana

    Katana is a flexible set of components for building and hosting Open Web Interface for .NET (OWIN)-based web applications. The Katana/OWIN documentation includes tutorials that show how to handle authentication and authorization scenarios.

Essential Videos

Pluralsight

Microsoft has made it possible for you to enjoy this Pluralsight training free of charge. In addition, you can watch more videos free of charge from Microsoft.

1. Introduction

54 mins

2. Uniform Interface

46 mins

3. HttpClient

33 mins

4. Hosting

25 mins

5. Security

10 mins

6.Extensbility

27 mins

Sponsored By: Pluralsight

Unlock access to 3,000+ dev, IT and creative courses that you can watch anytime, anywhere.

Starting at $29/mo.

Free Trial! Free Subscribe Now!

Web API Books

Microsoft's Jon Galloway recommends these books for learning ASP.NET MVC:

Pro ASP.NET Web API

Pro ASP.NET Web API

by Tugberk Ugurlu, Alexander Zeitler

Designing Evolvable Web APIs with ASP.NET

Designing Evolvable Web APIs with ASP.NET

by Glenn Block, Pablo Cibraro, Pedro Felix, Howard Dierking, Darrel Miller

ASP.NET MVC 4 and the Web API: Building a REST Service from Start to Finish

ASP.NET MVC 4 and the Web API: Building a REST Service from Start to Finish

by Jamie Kurtz