API Development: Web API Security


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

With distributed systems using potentially hundreds of API endpoints, web APIs must employ advanced authentication and authorization techniques and ensure protection against common web-based security attacks. In this course, you'll explore the function and characteristics of Web API authentication and authorization before learning how to use local logins and external authorization services.

Next, you'll learn how to prevent cross-site request forgery (CSRF) attacks, enable cross-origin requests in Web API 2, and use Web API filters. You'll then implement various authentication methods, namely basic authentication, forms authentication, and integrated windows authentication. Finally, you'll learn how to enforce SSL in a Web API controller.



Expected Duration (hours)
1.2

Lesson Objectives

API Development: Web API Security

  • discover the key concepts covered in this course
  • recognize the functions and characteristics of OAuth and API Security
  • authenticate an API using local logins
  • authenticate an API using an external authorization service
  • illustrate how to prevent Cross Site Request Forgery (CSRF) attacks
  • enable a cross-origin request in Web API 2
  • illustrate how to use filters in Web API
  • implement basic authentication in Web API
  • implement forms authentication in Web API
  • implement Windows authentication in Web API
  • enforce SSL in a Web API controller
  • summarize the key concepts covered in this course

    • Course Number:
    it_apieteddj_08_enus

    Expertise Level
    Intermediate