user380719
Reputation: 9903
How do I secure an OData service?
OData is great because it's simple.
However, I don't see any security specification for OData.
What is common practice? HTTPS + (username, pwd)
Upvotes: 2
Views: 1226
Answers (1)
zudokod
Reputation: 4094
There is mentioned in the spec, it is similar to Atom publishing protocol. So security definitions for both are same.
OData Spec (section 5)
The Atom Publishing Protocol is based on HTTP. Authentication can be done HTTP Authentication like Basic and Digest Access Authentication The use of authentication mechanisms to prevent POSTing or editing by unknown or unauthorized clients is RECOMMENDED but not required.
Upvotes: 1
Related Questions
- Protect OData API calls from data spoofing from inside by internal user
- OData Authentication
- Web API OData Security per Entity
- Use OData Service Functions To Create Multiple Views of Data, Enforce Authorization
- Is OData intended for use within Government and Financial envrionments? What security precautions do I need?
- How can ASP.NET WebApi OData services be hardened against abuse?
- How do I secure an odata service running on windows Azure
- Custom authentication : Odata services
- Adding Security Layer to OData Service
- Authentication on odata service