0

I am trying to create secured MVC4 web API project. In this application knockout Js will access API service directly. I need authentication on his. I am confused how to apply authentication only on web api. I can’t use MVC authentication because other projects also share same API services. Any one please suggest a good solution using knockout js and web api. I tried Thinktecture.IdentityModel but I am not able to use knockout Js in it. this project is in .net 4.0. Thanks in advance

Sankaran Namboothiri
  • 51
  • 1
  • 5
  • Use backbone.js to communicate to REST and for the view purpose use Knockout.js .. Else can you kindly explain more about kind of security – backtrack Aug 19 '13 at 05:23
  • @Backtrack thanks for your replay. Currently I am using ajax for communication. It is possible to use token authentication in this case?. – Sankaran Namboothiri Aug 19 '13 at 13:40
  • Are you using windows or forms authentication? In any case my answer below is valid. Or is your question more centered around how to Authenticate the user with Web api, not how to Authorize access to the web api methods? – Anders Aug 20 '13 at 11:27

3 Answers3

3

thanks for the support
got solution

Sankaran Namboothiri
  • 51
  • 1
  • 5
0

Use the [Authorize] attribute on the WebApi controllers

[Authorize(Roles="WebApiAccess")]
public class FooController : ApiController
{
}
Anders
  • 17,306
  • 10
  • 76
  • 144
0

You can send authN tokens before your Ajax request. Here is a similar SO question (with answer). You can add auth for your entire client app by creating a global 401 error handler (AngularJS, but the original question is generic jQuery).

Community
  • 1
  • 1
Corey Cole
  • 977
  • 9
  • 18