0
I’m a beginner and I built a mobile application in C# that connects to a Web Api. However, the Web Api will be on a server that has only internal access, which would theoretically protect the BD. How do I get my (public) application access to this Web Api that only allows internal access? Create another Web Api with external access that will call this Web Api ? A Proxy ? If you can provide any material or example, please.
1
This question is very opinionated and depends on your specific scenario.
I’ll try to enumerate some scenarios that might look like yours, but then it depends on you which is the best:
if it is impossible to make public the Web API that today is restricted, and it is also impossible to access the database outside of this API then there is only one way, to make a Proxy and implement in the restricted API everything that is necessary
if it is possible to access the database from outside this API, then it may be best to use some restricted API functions when possible, and when necessary directly access the database, this if it is really necessary... or else use the first alternative not to break the encapsulation, if this is a premise of the system.
if the restricted API can be published, it is possible to use some kind of authentication, where the user passes a key appKey which could be used together with the referrer if it is an API to be used directly from the browser (type, if the referrer is not the registered domain for that appKey then access is denied). Thus it would be necessary for the client (user) to register the app within your system
Browser other questions tagged c# rest asp.net-web-api
You are not signed in. Login or sign up in order to post.
There’s a great article that solves your problem here. Article
– Andre Mesquita