• Online, Self-Paced

With distributed systems using potentially hundreds of API endpoints, web APIs must employ advanced authentication and authorization techniques and ensure protection against common web-based security attacks. In this course, you'll explore the function and characteristics of Web API authentication and authorization before learning how to use local logins and external authorization services.

Next, you'll learn how to prevent cross-site request forgery (CSRF) attacks, enable cross-origin requests in Web API 2, and use Web API filters. You'll then implement various authentication methods, namely basic authentication, forms authentication, and integrated windows authentication. Finally, you'll learn how to enforce SSL in a Web API controller.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.