With distributed systems using potentially hundreds of API endpoints, web APIs must employ advanced authentication and authorization techniques and ensure protection against common web-based security attacks. In this course, you'll explore the function and characteristics of Web API authentication and authorization before learning how to use local logins and external authorization services.
Next, you'll learn how to prevent cross-site request forgery (CSRF) attacks, enable cross-origin requests in Web API 2, and use Web API filters. You'll then implement various authentication methods, namely basic authentication, forms authentication, and integrated windows authentication. Finally, you'll learn how to enforce SSL in a Web API controller.