Reputation: 15553
We need security everywhere in this web world. How can we provide security for our ASP.NET Web API? What are the parameters for providing security against direct attacks on the Web API that try to hack server data? What are the best practices and approaches for securing a Web API in .NET?
Upvotes: 0
Views: 266
Reputation: 23494
There are several things you need to take into consideration when you want to secure your Web API.
Using transport encryption (HTTPS) will provide you with server identity and confidentiality of the communication.
Authentication and authorization will provide you with the ability to only serve data the users are allowed to access. Web API is most commonly secured with bearer tokens, either provided by an external authority or the application itself.
You also need to protect yourself against all kinds of common attacks:
ASP.NET Web API escapes data written to the output by default, mitigating some SQL injection attacks. It also has mitigation for CSRF attacks built in.
See security testing on Wikipedia for more information.
Upvotes: 1
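An added example (not part of the answer above) showing the HTTPS, bearer-token and authorization points as ASP.NET Web API 2 configuration. It assumes OWIN bearer-token middleware that validates tokens is already registered in the application's Startup class; the controller name, route and role are hypothetical.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using Microsoft.Owin.Security.OAuth;

// Rejects any request that did not arrive over TLS.
public class RequireHttpsAttribute : AuthorizationFilterAttribute
{
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
        {
            actionContext.Response = actionContext.Request.CreateErrorResponse(
                HttpStatusCode.Forbidden, "HTTPS required");
            return;
        }
        base.OnAuthorization(actionContext);
    }
}

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        // Ignore cookie or Windows identities set by the host; accept bearer tokens only.
        config.SuppressDefaultHostAuthentication();
        config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
        config.Filters.Add(new RequireHttpsAttribute());
        // Deny by default: every action needs an authenticated caller unless marked [AllowAnonymous].
        config.Filters.Add(new AuthorizeAttribute());
        config.MapHttpAttributeRoutes();
    }
}

// Hypothetical controller: name, route and role are placeholders.
[RoutePrefix("api/orders")]
public class OrdersController : ApiController
{
    [HttpGet, Route("")]
    [Authorize(Roles = "OrderReader")]
    public IHttpActionResult GetAll()
    {
        // User.Identity is populated from the validated bearer token.
        return Ok(new { requestedBy = User.Identity.Name });
    }
}
```

Registering `AuthorizeAttribute` globally means a newly added action is closed until someone explicitly opens it, rather than open until someone remembers to protect it.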