Securing Controllers
Explore how to implement security for Web API endpoints in ASP.NET Core by applying global authorization policies and using the Authorize and AllowAnonymous attributes on controllers and actions. Understand how bearer tokens and OpenID Connect workflows protect data access.
We'll cover the following...
We'll cover the following...
As we know, here are the two types of web API endpoints:
Controllers
Minimal APIs
In this lesson, we will learn different ways of securing the endpoints represented by controller classes. We will do so with the help of the following setup:
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*"
}Web API app with the full OIDC authentication flow
Note: Because we have to build ...