2 pages tagged with "authentication"

MVC5/Web API 2 introduced a new IAuthenticationFilter (as opposed the the IAuthorizationFilter we needed to dual-purpose in the past), as well as a substantial overhaul of the user model with ASP.NET Identity. Unfortunately, the documentation is abysmal, and all the blog articles focus on the System… read more

If you need to build an authentication mechanism for an HTTP-based REST API, a common approach is to use HTTP Basic - it's simple, all clients have it built-in, it's easy to test from the browser, and you can store passwords as hashes. The downside is that your credentials are transmitted in (nearly… read more