Reputation: 167
Web API authentication like Facebook, Twitter and Google
I need to develop an external API, and I want to implement authentication with a client ID and a secret key just like Facebook, Twitter, Google and Microsoft do.
I have read some tutorials about OAuth2, but his generated token is temporary, and clients need to pass the username and password to get a token.
So, what I want is to give a client ID and a secret key to every client that will use my API, and they should pass this data on every method they call. Before returning the result, API checks if the request is valid.
What is the best way to do this?
Upvotes: 0
Views: 120
Answers (1)
Reputation: 1541
I think what you're looking for is 'Basic Authentication'. Here's a very simple tutorial to follow in order to fulfill your requirements: http://www.c-sharpcorner.com/blogs/basic-authentication-in-webapi
It goes without saying that you should set your site to force https so that the credentials in request header are encrypted.
Upvotes: 1
Related Questions
- ASP.NET Web API with custom authentication
- User Authentication in ASP.NET Web API
- ASP.NET Web API social authentication for Web and Mobile
- Web API Authentication in ASP.NET 5
- How to Setup Authentication for Web API?
- ASP.NET Web Api Authentication Methods
- Authenticating ASP.NET Web API
- What's the simplest way to do authentication with a web API?
- ASP.NET Web API login with Facebook & Twitter
- Can we embed authorization for twitter, linkedin, facebook, buzz in asp.net c# web application?