Building and Securing Restful APIs in .NET

Explore the principles of REST API design while learning how to build secure RESTful APIs in ASP.NET.

Introduction

• Introduction to RESTful APIs in .NET
• What you should know
• Exercise files

1. REST in ASP.NET

• REST level set
• Creating the API project
• Creating the database entities
• Creating and seeding the database
• Defining the resources
• Mapping resources and entities
• Setting up the resource controller
• Set up the HTTP test file

2. Working with Resources

• Defining URI templates
• Implement resource collection GET
• Implement resource GET
• Implement resource POST
• Implement resource PUT
• Implement resource PATCH
• Implement resource DELETE
• Review additional resource operations

3. Adding Link Support

• HATEOAS and the API root
• Create a link base class
• Update resource with link support
• Validate linking support
• Industry linking formats

4. API Authentication

• Authentication options
• Securing the data in transit and at rest
• Securing APIs with API key
• Checking for API keys
• Securing APIs with a token
• Enabling ASP.NET Identity for APIs
• Enforcing and validating token identity
• Testing identity APIs
• Using proxies for authentication
• Using OAuth providers for tokens

5. API Authorization

• Defining security policies
• Creating a security policy for write operations
• Applying the security policy

Conclusion

• Next steps