WebAPI 2.4 Special Security Features

Jan 14 2015

In my second mini-series about WebAPI we'll look at a real-life solution. We've already looked at HTTP verbs and at server- and client-controllers. Now we'll look at some DNN specials, mostly related to security.

Pre-Requisites

I recommend watching the Basic-Series parts 1.1, 1.2 and 1.3, since they explain the very basics of WebAPI. Since this is part 2.2, you would also benefit from starting with 2.1, 2.2 and 2.3. Even if you don't, make sure you have a working DNN with 2sxc 6.4 installed (see this blog for help). The App you'll install can be found in the App-Catalog - direct link here.

In the following 4-minute video, I'll show you

- The security token, and configuring the desired mode with [ValidateAntiForgeryToken]
- The What-Module-Am-I-On security feature
- ...and how this relates to the current user's module permissions
- ...and how you can change the level you require with attributes like [DnnModuleAuthorize(AccessLevel = SecurityAccessLevel.Anonymous)]

Let's go!

Further links

- Documentation of 2sxc WebAPI
- Documentation of the DNN WebAPI
- Website of 2sxc, the download on CodePlex and the App mentioned in this blog

With love from Switzerland,
Daniel

Daniel Mettler grew up in the jungles of Indonesia and is founder and CEO of 2sic internet solutions in Switzerland and Liechtenstein, a 20-head web specialist with over 600 DNN projects since 1999. He is also chief architect of 2sxc (2SexyContent - see forge), an open source module for creating attractive content and DNN Apps.

Daniel Mettler learned programming with the bible translation computer of his parents, deep in the jungles of Indonesia. Since he was only 12 years old at that time and the BIOS only had a version of BASICA, that's what got him started. At 16 he went back to Switzerland and learned German and basic city-survival skills.
Equipped with this know-how, he founded 2sic internet solutions in 1999, which was focused on web solutions on the Microsoft platform. After a few self-developed CMSs, 2sic switched to DNN in 2003 and has been one of the largest partners (17 employees, 700+ projects) in Europe. Daniel is also the chief architect behind the open source 2sxc, a strong promoter of standardization (bootstrap, patterns, AngularJS, checklists, etc.) and loves to eat anything - dead or alive. His motto: if the natives eat it, it's game.
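
The security features listed in the post, sketched as an added example that is not code from the post or from the 2sxc project: one controller whose three actions require different module access levels, with the anti-forgery token enforced on every state-changing call. The controller name, DTO and in-memory store are constructed for illustration; it derives from DNN's DnnApiController, and route registration and the base class a 2sxc App expects are not shown.

```csharp
using System.Collections.Concurrent;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using DotNetNuke.Security;   // SecurityAccessLevel
using DotNetNuke.Web.Api;    // DnnApiController, DnnModuleAuthorize, ValidateAntiForgeryToken

// Hypothetical controller for illustration; names and storage are constructed.
public class FeedbackController : DnnApiController
{
    // Demo storage keyed by module id, so one module instance never sees another's data.
    private static readonly ConcurrentDictionary<int, ConcurrentQueue<string>> Store =
        new ConcurrentDictionary<int, ConcurrentQueue<string>>();

    public class FeedbackDto { public string Text { get; set; } }

    // Read-only call: the caller needs View permission on the module that DNN
    // resolved from the request context (the "what module am I on" information).
    [HttpGet]
    [DnnModuleAuthorize(AccessLevel = SecurityAccessLevel.View)]
    public HttpResponseMessage List()
    {
        var items = Store.GetOrAdd(ActiveModule.ModuleID, _ => new ConcurrentQueue<string>());
        return Request.CreateResponse(HttpStatusCode.OK, items.ToArray());
    }

    // State-changing call open to anonymous visitors: the access level is lowered
    // explicitly, but the anti-forgery token is still required, so another site
    // cannot post on the visitor's behalf.
    [HttpPost]
    [ValidateAntiForgeryToken]
    [DnnModuleAuthorize(AccessLevel = SecurityAccessLevel.Anonymous)]
    public HttpResponseMessage Submit(FeedbackDto dto)
    {
        if (dto == null || string.IsNullOrWhiteSpace(dto.Text) || dto.Text.Length > 500)
            return Request.CreateResponse(HttpStatusCode.BadRequest);
        Store.GetOrAdd(ActiveModule.ModuleID, _ => new ConcurrentQueue<string>()).Enqueue(dto.Text);
        return Request.CreateResponse(HttpStatusCode.NoContent);
    }

    // Destructive call: only users with Edit permission on this module.
    [HttpPost]
    [ValidateAntiForgeryToken]
    [DnnModuleAuthorize(AccessLevel = SecurityAccessLevel.Edit)]
    public HttpResponseMessage Clear()
    {
        ConcurrentQueue<string> removed;
        Store.TryRemove(ActiveModule.ModuleID, out removed);
        return Request.CreateResponse(HttpStatusCode.NoContent);
    }
}
```

Lowering the access level to Anonymous and dropping the token check are separate decisions; keeping [ValidateAntiForgeryToken] on the anonymous POST is what still ties the request to a page the site itself rendered.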