We built the foundation of the app in the last chapter, where we also explored the HTTP verbs in detail while creating a controller inside the ASP.NET Core Web API.
Now we are gradually moving toward an important aspect of the API: authentication. Authentication is a required component because the API is so easily accessible. Limiting requests and placing restrictions on them helps prevent malicious attacks.
Users of your application (customers, in our case) need a registration form or interface through which the system can capture their details. We will see how to register users with the API.
After customers are registered and you have their details, such as email and password, it will be easy for you to identify the requests coming from a client. That part is easy, but there are principles we need to follow in order to authenticate the user before they can access our resources. That is where Basic Authentication and OAuth Authentication come into the picture.
We will cover the following topics in this chapter:
- Why authentication and limiting requests?
- Using EF Core for bootstrapping our REST API
- Adding basic authentication to our REST API
- Adding OAuth 2.0 authentication to our service
- Defining the client-based API consumption architecture