Answer the question
In order to leave comments, you need to log in
What is the best way to implement authorization in Web API?
Hello.
I am developing a small api for a mobile application that will be used by company employees. I don't use the ASP.NET Web Application template. I found this article which I understand in general. Is it possible to use the approach indicated in this article?
Answer the question
In order to leave comments, you need to log in
Yes, this is a good article. This is how it is usually done - bearer token and attributes Authorize
.
In addition to ordinary tokens, there is an additional type - refresh token. They are used when the first token expires and needs to be renewed. It is not necessary to use them - it depends on the case. But just in case, read:
https://leastprivilege.com/2013/11/15/adding-refre...
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question