We have developed an WEB API application by enabling HTTPS requests and deployed the same in a different machine in IIS. But when we try to call the WEB API methods in our MVC application we're actually getting the error and unable to connect either through the postman. When we're requesting through http, it's working but not using https.
Related
Background:
My Xamarin Forms application is calling Secured WEB API (built-in ASP.Net) to save data, while saving, I need to consume third party API to validate few fields. The third-party API is non secured (without HTTPS).
The Problem:
The issue is, my API call to secured API to save data crashes/doesn't complete.
R&D I tried:
I hosted ASP.Net Web API on my local server and tried accessing it via Postman (for some reason Xamarin app is not able to communicate with my local server). the call goes through without any problem including communicating with a third-party API to validate data.
I have two applications API and client. The two were working fine when they both used Forms authentication with machine key. After migrating the client app to azure authentication using OpenId and OWIN everything is fine with client, users can login with no issues to client.
The issue is when the client now tries to make call to API I get a 401 error.
I tried to generate forms authentication cookie in my client and add that to response. I can see that cookie is there but I still get a 401 from the API.
The problem is that you cannot combine OpenIdConnect on client side and Forms authentication on server side.
You have to set both, client and server, to use same authentication. If you went for OpenIdConnect on client, you need to set OpenIdConnect on server side too.
There is a sample on GitHub that may help you to understand how to do it.
How to secure a Web API built with ASP.NET Core using the Microsoft identity platform (formerly Azure Active Directory for developers)
I have spring MVC rest application and front application that consumes services from rest application. If not connected user try to use service from rest app then connection web service will be invoked.
Connection webservice use spring saml to connect user to Active directory.
How can I propagate the connection to the front application?
To implement that I use Spring oauth2. My Rest Api is the resource server and the client Api is oauth2 client. Hope that will help
I am implementing Single Sign On in my web app (the app will be released as a pure web app, or hybrid app using phonegap build).
I use a single page format and Jquery Mobile.
Google+ API Oauth2.0 seems to requires SSL (https).
So, I am confused: how do I switch from http to https (ssl) protocol with out leaving my single-page app ?
Thanks for your help.
I have developed an application using appery.io cloud IDE.
This ide supports only http protocol, but box api requires https protocol for redirect url.
Is there any way for entering http url instead https?
For security purposes, the entire API requires HTTPS.