Open Closed

Token based API integration & API metering #7815


0
mandatly created

Hi,

We are looking for a way to expose our APIs to external applications. We do not want external application to store/access username and password, instead we are looking for a token based authentication solution. Where user can create/expire/delete tokens from our application. External applications can pass on token for authentication before invoking APIs.

In addition to that we are looking for way to capture the number of calls per API and way to restrict them as per configured values as per tenant.

Do we have any out of box feature in AspNetZero which can be used for above requirement? Looking forward for positive response.


1 Answer(s)
  • 0
    maliming created

    We do not want external application to store/access username and password, instead we are looking for a token based authentication solution. Where user can create/expire/delete tokens from our application.

    This sounds very consistent with the OAuth2 design. Zero integrates with Identity Server 4 and you can check them out.

    https://identityserver4.readthedocs.io/en/latest/

    In addition to that we are looking for way to capture the number of calls per API and way to restrict them as per configured values as per tenant.

    You can use an interceptor/filter for your api.

    See https://aspnetboilerplate.com/Pages/Documents/Articles/Aspect-Oriented-Programming-using-Interceptors/index.html