Posts

Showing posts from July, 2022

Web API Security in .NET 6

What is Web API Security

Web API security is a mechanism to ensure that APIs cannot be accessed without proper authentication and authorization. This is required to ensure that the APIs are not misused. Authentication ensures that the user is a valid user, and authorization ensures that the user has the right permissions to access a method.

Adding Authentication at Controller and Action Level

We can do this by adding the [Authorize] attribute at the controller level. This ensures that all the methods of this controller can only be accessed by an authenticated user. If we want to exclude a specific method from the authentication and authorization process, we write [AllowAnonymous] at the action method level. If we do not want to apply authentication and authorization to all the methods of a controller, and want it only for a specific method, we can write the [Authorize] attribute on top of that method instead o...