Search⌘ K
Home
Courses
Using Single Sign-On for Securing Applications in ASP.NET Core

Securing Minimal API Endpoints

Explore how to secure minimal API endpoints in ASP.NET Core by applying authorization requirements with bearer tokens. Understand endpoint mapping, enforcing policies, and allowing anonymous access where needed, to safeguard your web API efficiently.

We'll cover the following...

In this lesson, we will cover the process of applying authorization requirements on minimal API endpoints in an ASP.NET Core application. The following playground demonstrates how it's done:

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*"
}
Web API app with the full OIDC authentication flow

Note: Because we have to build two ASP.NET Core applications and populate the IdP database with the initial seed data, the build process is expected to take at least a few minutes. Also, because each playground launch rebuilds the IdP along with its database, the account previously registered will no longer work. We will need to register a new account.

The setup is represented by the following projects: ...