locked
Securing Web api by user or app RRS feed

  • Question

  • Hi 

    I have the following requirement 

    I have a datawarehouse on which i have To build micro services by domain.

    Wé neéd to ensure that the service could be called by an end user as well as app. 

    We need to ensure that the r esponse sent to user returns only data the user have access.

    Wé need also to define the data on which an app calling the servicen has access. 

    Which data filtering'(securing) mechanism should we put in place'? 

    How the apps should call the service ? 

    Is sql row level security a candidate ?

    Technologies : .net core api, sql serveur , adfs,azure ad, odata,  ef7 


    Best regards, Mahmoud Challouf MCTS .NET Framework , WCF , SharePoint www.innersharepoint.blogspot.com

    Monday, February 25, 2019 11:40 PM