Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Sean Valentine 12 posts 101 karma points
    Jul 19, 2016 @ 08:39
    Sean Valentine
    0

    Secure Web Api between two Seperate services

    My company has asked me to build a web app that will be able to query customer data on the web but also to do a async request to a remote server and query the data on that DB as well and then return both results into one.

    I'll be using Umbraco on the web and a Vanilla Asp.Net Web Api service on the remote DB.

    What's the best practise for securing requests? Do i create an API key? but how will that be authenticated / authorised on the remote server?

    For example, say i have a Member on my Umbraco Instance called Sean Smith, he does a search on the web app for a Jenny Smith.

    The web app will do two DB queries, one on the local DB on my web server and another async request on the remote DB which is located in offices on the other side of town (cross origin request).

    What's the safest and most secure way that the remote DB / server can verify that Sean Smith is a registered member and that he is allowed access to the remote DB to search for Jenny Smith?

    Any help will be appreciated. Much Love

Please Sign in or register to post replies

Write your reply to:

Draft