Topics
Published on December 6, 2016 by kudvenkat
Want create site? Find Free WordPress Themes and plugins.

In this video we will discuss how to test ASP.NET Web API token based authentication using fiddler.

Text version of the video
csharp-video-tutorials.blogspot.com/2016/12/using-fiddler-to-test-aspnet-web-api.html

Slides
csharp-video-tutorials.blogspot.com/2016/12/using-fiddler-to-test-aspnet-web-api_6.html

All ASP .NET Web API Text Articles and Slides
csharp-video-tutorials.blogspot.com/2016/09/aspnet-web-api-tutorial-for-beginners.html

All ASP .NET Web API Videos

All Dot Net and SQL Server Tutorials in English
www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd

All Dot Net and SQL Server Tutorials in Arabic
www.youtube.com/c/KudvenkatArabic/playlists

In our previous video we have registered a new user with the following email address and password. The username is also the email address.
Email : test1@test.com
Password : Test123!

Now let’s use fiddler and generate the access token using the above username and password. Use the Composer tab in Fiddler to compose a request.

Issue a POST request to /token
In the request body include username and the password.
We also need to set grant_type=password. This indicates that we are presenting password for acquiring access token.

With the above configuration in place, click the Execute button in Fiddler. Notice we get the access token back. You can also see when the token is issued and when it expires.

Now let’s understand how the access token is generated.
The code that generates the access token is provided by ASP.NET Web API out of the box. To see this code open the file “Startup.Auth.cs” that is present in App_Start folder. Notice in the ConfigureAuth() method

1. An instance of OAuthAuthorizationServerOptions is created
2. The /Token end point to which we have posted username and password is specified in here
3. The token expiry is specified using AccessTokenExpireTimeSpan property. In this case the token expires 14 days after it is issued. You can change this to meet your application needs.
4. The Provider property is initialized with a new instance of ApplicationOAuthProvider class. This class has GrantResourceOwnerCredentials() method which verifies if the provided username and password are valid. If valid an access token is issued. The token is generated when context.Validated(ticket) method is called.

Now let us see how to call EmployeesController and retrieve employees data.

If we issue a GET request to /api/employees we get 401 Unauthorized error. Since the EmployeesController is decorated with [Authorize] attribute, the request needs to be authenticated. So with every request we have to send the Bearer token using Authorization header

In our next video we will discuss implementing the Login page for the sample application that we have been working with in this series.

Did you find apk for android? You can find new Free Android Games and apps.

Leave a Reply

18 Comments on "Using fiddler to test ASP NET Web API token based authentication"

Notify of
avatar

kathiravan.k kathir
Guest
kathiravan.k kathir
9 months 29 days ago

Thanks for your valuable video tutorials

Shin Gao
Guest
Shin Gao
10 months 15 days ago

Your videos save my life. Thanks Sir, Keep going..

Jaydeep Sakariya
Guest
Jaydeep Sakariya
10 months 22 days ago

Great Explanation… Thanks..

achu r
Guest
achu r
10 months 23 days ago

Thank You Sir !!!

Comedy funniest movies
Guest
Comedy funniest movies
11 months 2 days ago

thank you so much kudvenkat sir. your channel made me a good .Net developer and now I got job. I salute you.

Pavel Basha
Guest
Pavel Basha
8 months 26 days ago

and your tutorials help me in my job so much. When I look at your channel, I am really going crazy.. so much work, so much hours hard and meticulous work. Thank you again.

achu r
Guest
achu r
10 months 23 days ago

me too got a job ….thank you sir!!!

kudvenkat
Guest
kudvenkat
11 months 1 day ago
Thank you very much for taking time to give feedback. This means a lot. I am very glad you found the videos useful.Wow….Congratulations. Very happy for you. I am honoured, when you say these videos helped you to get the job. Thank you very much for taking time to share the good news.Good luck and all the very best with your new role.I have organised all the Dot Net & SQL Server videos in to playlists, which could be useful to youwww.youtube.com/user/kudvenkat/playlists?view=1&sort=ddIf you need DVDs or to download all the videos for offline viewing please visitwww.pragimtech.com/order.aspxSlides and Text Version of… Read more »
ytfilastu
Guest
ytfilastu
11 months 7 days ago

gr8

Ali Hassan
Guest
Ali Hassan
11 months 10 days ago

please make a video tutorial on asp.net mvc user roles and rights management ..and assigning different roles to different users ….Thanks in Advance…

Ali Hassan
Guest
Ali Hassan
11 months 10 days ago

very nice tutorial….

Lara Almomani
Guest
Lara Almomani
11 months 11 days ago

I got this error :unsupported_grant_type I spent more than 3 hours to resolve this error but it didn't work 🙁

RAQIBUL ALAM RASHED
Guest
RAQIBUL ALAM RASHED
11 months 11 days ago

Thanks

wpDiscuz