I have various C# REST services performing normal CRUD tasks on a database.
For example, I have a REST service to add a customer to my customers database table, which expects XML as indicated below:
<CreateCustomerRequest>
  <Name>Customer name</Name>
  <Surname>Customer surname</Surname>
</CreateCustomerRequest>
Anyone that knows the URL and the proper XML structure can therefore call the REST service and insert a customer into my database. What is the best way to make sure that unauthorized inserts are not performed? Perhaps a key sent with the request, calculated as MD5([name field] + [surname field] + [shared client/server key])?
You could use Basic Authentication with your REST service.
Each call will need to send the auth information, or the call will fail with a 401.
Basically, the following needs to be appended to the content header of the request:
where YWRtaW46YWRtaW4x is base64 encoded username:password
You could also implement SSL and have your client send along a certificate with each request if you need that level of security.
Do not attempt to invent your own security unless you’re an expert in that area.
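The server-side half of the Basic Authentication suggestion, as an added example that is not part of the original posts: it validates the `Authorization` header and decides between 200 and 401. The class name, the hard-coded credentials and the status-code return convention are assumptions made for illustration, and `CryptographicOperations` requires .NET Core 2.1 or later.

```csharp
using System;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using System.Text;

public static class BasicAuthCheck
{
    // Constructed sample credentials; a real service would verify against a salted password hash.
    const string ExpectedUser = "admin";
    const string ExpectedPassword = "admin1";

    // Returns the HTTP status the service should send for a given Authorization header value.
    public static int Authorize(string authorizationHeader)
    {
        // Reject a missing header, a malformed header, or any scheme other than Basic.
        if (!AuthenticationHeaderValue.TryParse(authorizationHeader, out var header) ||
            !"Basic".Equals(header.Scheme, StringComparison.OrdinalIgnoreCase) ||
            string.IsNullOrEmpty(header.Parameter))
            return 401;

        string decoded;
        try { decoded = Encoding.UTF8.GetString(Convert.FromBase64String(header.Parameter)); }
        catch (FormatException) { return 401; } // not valid Base64

        // Split on the first colon only: the password may itself contain ':'.
        int sep = decoded.IndexOf(':');
        if (sep < 0) return 401;

        // Evaluate both comparisons so the response does not reveal which field was wrong.
        bool userOk = FixedTimeEquals(decoded.Substring(0, sep), ExpectedUser);
        bool passOk = FixedTimeEquals(decoded.Substring(sep + 1), ExpectedPassword);
        return (userOk & passOk) ? 200 : 401;
    }

    // Comparison whose duration does not depend on where the inputs first differ.
    static bool FixedTimeEquals(string a, string b) =>
        CryptographicOperations.FixedTimeEquals(Encoding.UTF8.GetBytes(a), Encoding.UTF8.GetBytes(b));

    public static void Main()
    {
        Console.WriteLine(Authorize("Basic YWRtaW46YWRtaW4x")); // header value quoted in the answer
        Console.WriteLine(Authorize("Basic YWRtaW46d3Jvbmc="));  // constructed: wrong password
        Console.WriteLine(Authorize(null));                      // constructed: header missing
    }
}
```

Base64 is an encoding, not encryption: the value decodes directly back to `username:password`, so this check only protects the service when every request travels over SSL/TLS.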