Last post Apr 11, 2016 05:49 AM by Yohann Lu
Apr 11, 2016 01:30 AM|Tirath.email@example.com|LINK
I am new to Web API, my first work on Web API. I have to build a web api service tat will be called from internet. I understand that when Web API service is hosted in IIS, I can set it up with credentials. For web, I read that credentials will be passed
in clear text, so does it mean that basic authentication is not secure. I do not know if my client will agree to HTTPS. Is there any other way to make basic authentication secure for Web API?
Apr 11, 2016 03:43 AM|Nataraj Gandhi Arunachalam|LINK
Basic Authentication is only secure over HTTPS. The following posts show some ways to make basic authentication more secure,
Apr 11, 2016 05:49 AM|Yohann Lu|LINK
From your description, you can learn the following security tutorial.
Security issues for Web API: