Protecting Web APIs Using Microsoft Identity Platform: Part 2

The following posts are part of this series: Part 1: Creating your App Registration; Part 2: Configuring your code; Part 3: Securing your API endpoints. Defining protected: First of all, let's look at what we mean by protected. Much like in ASP.NET, in ASP.NET Core you can use the [Authorize] attribute to define that your controller must be called with an authorised identity. We pass what is known as a bearer token in the Authorization header of our API requests; this holds information about the identity as well as user information unless the web app accepts calls from a daemon....

11 August 2021 · 3 min · Martyn

Protecting Web APIs Using Microsoft Identity Platform: Part 1

The following posts are part of this series: Part 1: Creating your App Registration; Part 2: Configuring your code; Part 3: Securing your API endpoints. Let's begin: I'm not going to cover the steps involved in creating an app registration. This is covered, in detail, in the Microsoft documentation. In this article, though, I want to point out some important things. Token versions: The platform enables the generation of two token versions, v1....

4 August 2021 · 3 min · Martyn