Open Closed

Secure Web API Controllers #151

hasan created

Dear Team I am just starting this wonderful module for one of my project

How to give authorization generated to API Controllers ?

For example,

before the user calls, he has to login and get the session id before he proceeds to call other methods

Would like to achieve something like this ?

<a class="postlink" href=""> ... in-web-api</a>

3 Answer(s)
  • 0
    hikalkan created
    Support Team

    Hi Hasan,

    Thank you for interested in this project.

    ABP has AbpAuthorize attribute for authorization that is described in this document: <a class="postlink" href=""> ... horization</a>.

    ABP defines authorization as abstract. module-zero (<a class="postlink" href=""></a>) implements it using ASP.NET Identity Framework. There is a sample project in repository. It show usage of login form and authorization. You can check it and documentation to accomplish what you want. I'm continueing to documentation for module-zero.

    Beside that, you can also check ASP.NET Zero project (which is UI layer for ABP & module-zero): <a class="postlink" href=""></a> But it's commerical, not open source. If you will create a commerical application, this project can help you.

  • 0
    hasan created

    Dear Hikalkan

    Thanks for your reply.

    For my case, I will have to create a API Controller by myself and use the APIauthorize attribute

    Please clarify

  • 0
    hikalkan created
    Support Team

    Yes, you can create Web API controllers and add ASP.NET's standard security mechanism if you don't want to use ABP's authorization system.