Security with API: OAuth, token-based access vs key-based access

Let’s consider security with APIs, i.e how to securely identify the caller. There are two authentication methods quite popular in the cloud to secure APIs: Key-based access OAuth, or token-based access in general Let’s compare them. Key-Based By key-based we mean an authentication scheme where we do pass a key to the API request. That … More Security with API: OAuth, token-based access vs key-based access

Azure Functions HTTP – Authorization Levels

In a past article, we looked at Serverless compute in Azure in general and Azure Functions specifically. In this article we wanted to focus on Azure Function triggered by HTTP requests and the different options we have to authenticate: Anonymous Function Admin System User Those are called Authorization Levels.  For each function in a function … More Azure Functions HTTP – Authorization Levels

Nuget WordPress REST API – Demo App

I’ve had a few requests to explain how to use the Nuget WordPress REST API beyond authentication. In order to do this, I added a Demo App under source control. The Nuget package source code is available at http://wordpressrestapi.codeplex.com/ and if you download the code, you’ll see there are 3 projects: WordPressRestApi:  essentially the Nuget … More Nuget WordPress REST API – Demo App

Securing REST API using Azure Active Directory

Scenario:  you have a web & mobile front-end, both using a REST API as a back-end.  You want to secure that back-end with authentication / authorization.  How do you do that in Azure? There are obviously a bunch of ways to do that.  In this post, I’ll discuss the recommended approach:  using Azure Active Directory.  … More Securing REST API using Azure Active Directory