Reputation: 11
I have a request from a client that my Web API REST Service needs to be able to read the windows username automatically without bothering the user for a log-in. I've done this on an intranet, but not over the internet. I've gotten close to solving this, but IE insists on putting up a log-in dialog and leaving the password blank isn't an option. (I don't need the password)
Is this even possible? Do I need to use a different approach then Web API?
Upvotes: 1
Views: 151
Reputation: 9043
If you are exposing your API over the internet, then definitely you should not configure it to use Windows Authentication. You need to configure your API to accept bearer tokens which get sent with each request on the authorization header. You can read more about Web API bearer tokens here http://www.bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/
Upvotes: 1