Protecting Endpoints

Explore how to protect API endpoints in ASP.NET Core by implementing authentication and authorization with Auth0. Learn to use the Authorize attribute to secure actions, handle token-based access, and apply custom policies to restrict operations like updating or deleting to authorized users only.

We'll cover the following...

Protecting endpoints with simple authorization

We are going to start this section by protecting the questions endpoint for adding,updating, and deleting questions as well as posting answers so that only authenticated users can do these operations. We will then move on to implement and use a custom authorization policy so that only the author of the question can update or delete it.

Protecting endpoints with simple authorization

Let's protect the questions endpoint for the POST, PUT, and DELETE HTTP methods by carrying out these steps:

Open QuestionsController and add the following using statement:

1.Introduction

2.Getting Started

3.Creating Decoupled React and ASP.NET 5 Apps

4.Building a Frontend with React and TypeScript

5.Styling React Components with Emotion

6.Routing with React Router

7.Working with Forms

8.Managing State with Redux

Project

9.Interacting with the Database with Dapper

10.Creating REST API Endpoints

11.Improving Performance and Scalability

12.Securing the Backend

13.Interacting with RESTful APIs

Project

14.Adding Automated Tests

15.Configuring and Deploying to Azure

16.Implementing CI and CD with Azure DevOps

17.Conclusion

Protecting Endpoints

Protecting endpoints with simple authorization