Book Image

Building RESTful Web Services with .NET Core

By : Gaurav Aroraa, Tadit Dash
Book Image

Building RESTful Web Services with .NET Core

By: Gaurav Aroraa, Tadit Dash

Overview of this book

REST is an architectural style that tackles the challenges of building scalable web services. In today's connected world, APIs have taken a central role on the web. APIs provide the fabric through which systems interact, and REST has become synonymous with APIs. The depth, breadth, and ease of use of ASP.NET Core makes it a breeze for developers to work with for building robust web APIs. This book takes you through the design of RESTful web services and leverages the ASP.NET Core framework to implement these services. This book begins by introducing you to the basics of the philosophy behind REST. You'll go through the steps of designing and implementing an enterprise-grade RESTful web service. This book takes a practical approach, that you can apply to your own circumstances. This book brings forth the power of the latest .NET Core release, working with MVC. Later, you will learn about the use of the framework to explore approaches to tackle resilience, security, and scalability concerns. You will explore the steps to improve the performance of your applications. You'll also learn techniques to deal with security in web APIs and discover how to implement unit and integration test strategies. By the end of the book, you will have a complete understanding of Building a client for RESTful web services, along with some scaling techniques.
Table of Contents (13 chapters)

Securing RESTful web services

Before you start with learning about securing RESTful web services, I would like to tell you about security in the world of the web. In general, the phrase security describes the measures that are taken to make sure that everything is secure. But what does everything include here? Let's elaborate: security is a way or a process that stops unauthenticated and unauthorized access to confidential data over web applications.

The type of confidential data depends upon the nature of the web application—for example, if the web application is for medical and clinical services, then the confidential information consists of all the patients' data related to their tests, medical history, and so on.

The first step towards the creation of a security process is to authenticate and authorize access to the web application. If the request is not...