Last post Jul 19, 2016 09:36 AM by Yohann Lu
Jul 19, 2016 08:54 AM|seanjvalentine|LINK
My company has asked me to build a web app that will be able to query customer data on the web but also to do a async request to a remote server and query the data on that DB as well and then return both results into one.
I'll be using Umbraco on the web and a Vanilla Asp.Net Web Api service on the remote DB.
What's the best practise for securing requests? Do i create an API key? but how will that be authenticated / authorised on the remote server?
For example, say i have a Member on my Umbraco Instance called Sean Smith, he does a search on the web app for a Jenny Smith.
The web app will do two DB queries, one on the local DB on my web server and another async request on the remote DB which is located in offices on the other side of town (cross origin request).
What's the safest and most secure way that the remote DB / server can verify that Sean Smith is a registered member and that he is allowed access to the remote DB to search for Jenny Smith?
Any help will be appreciated.
Jul 19, 2016 09:36 AM|Yohann Lu|LINK
What's the best practise for securing requests? Do i create an API key? but how will that be authenticated / authorised on the remote server
You can refer the following links.
1: Security issues for Web API:
2: Making your ASP.NET Web API’s secure:
another async request on the remote DB which is located in offices on the other side of town
In Web API, you can use Async/Await on ASP.NET/Web API
Using Asynchronous Methods in ASP.NET: