Base solution for your next web application
Open Closed

WebAPI Only Access #6304


User avatar
0
mdframe created

I thought I saw an article or post regarding how to set a WebAPI only user to prevent them from having front end access. Would someone point me back to the article or provide feedback on how this can be done? I have a client that wants to support their eBay inventory with a backend connection and we need to provide them the ability to set actions on a web service only account.

Thx


7 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    https://aspnetboilerplate.com/Pages/Documents/Dynamic-Web-API#enable-disable

    Is this article? Or you can explain your problem in more detail.

  • User Avatar
    0
    mdframe created

    I have a client that will need to authorize and control access directly to the web services in ANZ. How do we create and manage user id's for web service connection only?

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @mdframe

    Currently there is no such option. When you create a user and grant permissions, this user can view both Web API and app pages.

    You need to implement it yourself if you want to restrict such users from accessing the Web UI.

  • User Avatar
    0
    mdframe created

    If we extended the user class to use a boolean type for OnlyWebAPI access where would we inject the check in the front-end to prevent a login?

  • User Avatar
    0
    aaron created
    Support Team

    Which is your project type?

    • ASP<span></span>.NET Core & Angular
    • ASP<span></span>.NET Core MVC & JQuery
    • ASP<span></span>.NET MVC 5.x & AngularJS 1.x
    • ASP<span></span>.NET MVC 5.x & JQuery
  • User Avatar
    0
    mdframe created

    Aaron,

    The project is ASP.NET Core & Angular.

    Thanks,

    Matt

  • User Avatar
    0
    aaron created
    Support Team

    You can return a value in Web.Host TokenAuthController's Authenticate method.

    And then check that value in Angular LoginService's processAuthenticateResult method