Consider you want to expose a REST API that requires authentication using two security keys: an API Key and an App Identifier. When calling this method, API clients must include the API Key and the App Identifier the request, and the method must validates those values to authenticate the client. Which of the following steps is not recommended to support this scenario?
A) Validate the authentication keys in the OnAuthentication callback Action associated with the exposed REST API.
B) Define the logic to read the API Key-App Identifier pair or every request to the REST API in its OnRequest callback Action.
C) Create an Entity to hold the API Key-App Identifier pairs that are used to successfully authenticate all requests to the REST API.
D) Set the Authentication property of the exposed REST API to Custom.
Hi Ranjith,
Validating API key an APP id will be in ON AUTHENTICATION.
We need to set authentication property to Custom. We need an entity to hold the API key and APP id pair. So that we can write custom logic to validate the API key and APP id.
So, the answer is B.
Regards,
Wasimkhan S