Summary

That was easy, wasn't it? We just set up the security for our APS.NET Web API that we will build upon in the upcoming chapters.

You learned about the security architecture of ASP.NET Web API that gave an overall view of what's under the hood. We then set up our browser client, from implementing the Web lookup service to calling the Web API with JavaScript and jQuery code.

You also learned about authentication and authorization techniques, which we will be covering in great detail later in the book. Moving on, you learned about HTTP Message Handlers, Principal, and the [Authorize] Attribute to control the authorization for the users.

Finally, you learned about custom authorization and authorization in a controller action to alter the behavior after processing the request based on the principal.

You learned a lot of stuff in this chapter. However, this is just the beginning. In the next chapter, you will implement a secured socket layer to the Web API. Let's get the ball rolling!