0

I was assigned to design and develop an API which will expose our functionality over the web, I am fairly new to this, so I got some questions...

The Requests

  1. The API should support clients from all sorts of platforms and
    programming languages (may include some propriety platforms/devices)

  2. The API will be exposed to paying clients and secured by SSL (this is a must, money is invloved)

  3. Our code is in .NET, so WCF should be used.

After some research around the web I'm thinking about the following solution:

  1. Exposing the methods through POST/GET (other bindings if needed)

  2. For additional client identification and Authorization password and username will be sent as parameters.

  3. Should I use WCF Web API, or is it unnecessary?

In the article Exposing WCF API - Best Practices, I read that if the channel is SSL secured, then simple username/password is the simplest way for Authorization purposes

I don't know if I should elaborate and explain more, but am I on the right track?

Community
  • 1
  • 1
Mithir
  • 2,051
  • 2
  • 20
  • 36

1 Answers1

0

I don't see a reason why you shouldn't use WCF. You should have look at WCF REST programming model too http://msdn.microsoft.com/en-us/netframework/cc950529.

VJAI
  • 29,899
  • 20
  • 93
  • 155