Secure Your APIs: JWT, Roles & Policies in ASP.NET Core
Important Introduction
About This Course
Telegram Group for This Course
Introduction - Course Orientation (Continuation Mode)
How This Course Continues From Course #1 - Introduction to RESTful APIs? (16:52)
Running & Verifying the Existing Student API (21:14)
Security Upgrade Roadmap (25:15)
Module 1 - Security Audit (Why the Current API Is Unsafe)
Security Audit - Attacking the Existing Student API (39:22)
Quiz - Security Audit: Attacking the Existing Student API
Defining Security Boundaries for Student Endpoints (24:35)
Quiz - Defining Security Boundaries for Student Endpoints
Security Maturity Levels (Self-Read)
Security Maturity Levels
Quiz - Security Maturity Levels
Common API Security Myths (That Break Real Systems)
Common API Security Myths (That Break Real Systems)
Quiz - Common API Security Myths
Module 2 - Encoding vs Encryption vs Hashing - Explained
Encoding vs Encryption vs Hashing (13:19)
Encoding (28:29)
Encoding Demo (.NET) - Encoding ≠ Security
Encryption (25:52)
Encryption Demo (.NET) - Protecting data that must be read again
Hashing (27:25)
Quiz - Encoding vs Encryption vs Hashing
Salting & Slow Hashing (Defending Against Real Attacks) (25:03)
Hashing Demo (.NET) - Protecting secrets that must never be revealed
Quiz - Salting & Slow Hashing (Defending Against Real Attacks)
Module 3 - Basic Shield (HTTPS + CORS)
HTTPS for Beginners (32:12)
Quiz - HTTPS for Beginners
Enforcing HTTPS (22:55)
Quiz - Enforcing HTTPS in ASP.NET Core
CORS for Beginners (32:14)
Quiz - CORS for Beginners
ASP.NET Core CORS Configuration (31:54)
Quiz - ASP.NET Core CORS Configuration
Where We Are Now - And Why We Must Continue
Module 4 - Authentication with JWT (Core Module)
Why Authentication Is Needed Now? (20:25)
Quiz - Why Authentication Is Needed Now?
JWT Explained (Student Identity Analogy) (10:48)
Quiz - JWT Explained (Student Identity Analogy)
JWT Structure - Header, Payload & Signature Explained (9:00)
Quiz - JWT Structure: Header, Payload & Signature
Preparing Student Data for Login (In-Memory DB) (21:55)
Login Endpoint - Verifying Passwords & Issuing JWT (39:24)
Protecting Student Endpoints with JWT Authentication Middleware (14:47)
Testing Secured APIs with Swagger (JWT Authorization) (6:13)
Testing Secured Student API Using a C# Console Client (7:42)
Where You Are Now - And What Comes Next (7:21)
Storing the Security Key (Secrets Management)
Why the JWT Security Key Must Never Leave the Server?
What If the Server Gets Hacked?
Storing the Security Key - Where Is the Safest Place?
Storing the JWT Security Key Using Environment Variables
Storing the JWT Security Key Using Azure Key Vault
Using Azure Key Vault to Store the JWT Security Key (Step-by-Step)
Module 5 - Authorization with Roles (Admin vs Student)
Role-Based Authorization - What Can Students and Admins Do? (13:02)
Implementing Role-Based Authorization in the Student API (13:07)
Testing Secured Student API Using a C# Console Client