dace
Reputation: 124
Allow access only from specific url in ASP.NET core web service
I have to make web service in ASP.NET core and it should be accessible only from specific URL. No authentication with username and password.
I understand that I have to create some kind of custom filtering with middleware to achive this. But how do I get the callers URL address?
Upvotes: 0
Views: 2395
Answers (1)
Simply Ged
Reputation: 8642
In ConfigureServices you can use a CORS policy to only allow specific origins. (Change the IP address to be the IP or machine name that can call the service)
public void ConfigureServices(IServiceCollection services)
{
...
services.AddCors(action =>
{
action.AddPolicy("origin", policy =>
{
policy.WithOrigins(new string[] { "10.1.0.1" });
});
});
}
And then use it in Configure:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
...
app.UseCors("origin");
...
}
Upvotes: 1
Related Questions
- How to restrict access to single API method with IP security or some other option
- How to block access to controller via changing Url in ASP.NET Core?
- Only allow certain domain to access web api
- Lock down API to specific URL
- allow requests from specific url
- ASP.NET MVC 3 Restrict API Access
- Block direct access to url and allowing access by system only
- Restrict access to a specific URL, running on IIS7 / ASP.NET
- Protect .net Web Service URL
- Limiting access to web service