1

I am working on developing ASP.NET Core WEB API based microservices which will be consumed by multiple client applications like Angular app, iOS and Android app.

While looking on the security aspects of the microservices I do see that there is a need to prevent the microservices from XSRF attacks. On analysis I found that there is a way for ASP.NET Core MVC application as mentioned in the below URL: https://andrewlock.net/automatically-validating-anti-forgery-tokens-in-asp-net-core-with-the-autovalidateantiforgerytokenattribute/

Can anyone help me to know is there any way to automatically validating anti-forgery tokens in ASP.NET Core WEB APIs?

Any links with some sample code will help me a lot.

santosh kumar patro
  • 7,231
  • 22
  • 71
  • 143
  • I think this is mentioned in the [documentation under AngularJS](https://learn.microsoft.com/aspnet/core/security/anti-request-forgery?#angularjs). –  Jul 28 '19 at 20:42
  • I looking for the same issue i found this, i hope help you https://security.stackexchange.com/questions/151203/csrf-in-microservice-architecture – kmett Jun 22 '20 at 13:18

0 Answers0