Using OWIN to self-host Web API and secure endpoints

In this post we are going to talk a little bit about OWIN. What is it, how can we use it with ASP.NET Web API to expose API endpoints, as well as how to secure those endpoints.

The application uses OWIN to self-host the Web API as well as ASP.NET Identity as underlying membership mechanism. Users can fetch public data from /api/people endpoint, as well as secured private data from /api/user endpoint. The latter one is to demonstrate security in Web API.

Continue reading