Web Server

W16 Securing Web APIs in ASP.NET Core


3:00pm - 4:15pm

Level: Introductory to Intermediate

Brock Allen

Application Security Architect


Traditional security for web applications involves cookies, but web APIs have a fundamentally different security model. In fact, there are security vulnerabilities when using cookies for web APIs. So what's the solution? Token-based authentication with OAuth2 works just fine. This session will help you learn about the issues, how to get and use tokens, and how ASP.NET Core helps protect your web APIs.

You will learn:

  • About protecting web APIs with token-based security
  • The benefits of OAuth2
  • About using middleware to protect web APIs