securing restful wcf services
Posted on 2013-01-30
As I am building out my back end restful service(s), one of the things I am looking into is how to make the calls be secure, so that the calls cant be called from an authorized client. Especially since my services may have information that is very confidential and not something I want accessed unless you have permission to do so.
I have looked at OAUTH2 as one option, and this seems to be great on the server side of things, however how do you implement this over a http and where the client could be a mobile web page.
Does anyone have any experience with using OAUTH2 in a client environment where you have a mobile web page, that makes the call to the service and passes in whatever is needed for OAUTH2 to work over the client.
Any help ye can give would be appreciated. Thanks.