Inspecting mobile application APIs using Fiddler

If you’ve ever wondered what specific HTTP requests a mobile app installed on your phone is making, then wonder no more. In this brief tutorial I’ll show you how to configure your cell phone and fiddler so you can see the requests (some potentially insecure) being by apps on your phone. Install Fiddler You’ll need…

HTTP Headers Tutorial : Part 2- Authentication

Authentication is the process of determining whether a client has the required permissions to access resources on a server. HTTP uses  4 main headers to support Authentication which we will look at in this article. This tutorial is composed of several posts : Part 1- The basics Part 2- Authentication Part 3- Caching Part 4-…

HTTP Headers Tutorial : Part 1-The basics

The Hypertext Transfer Protocol (HTTP) is the driving force behind the internet. It allows communication between browsers and servers.An important component of HTTP messages is the  HTTP Header. In this series of posts we’re going to take a deep dive to understand what they are and how to use them. This tutorial is composed of…

Using access tokens in Swagger with Swashbuckle

Securing access to your API using access tokens is common practice. In this post, we’ll learn how to call secure API endpoints using the swagger specification specifically using Swashbuckle (An implementation of Swagger for .NET) Understanding Swagger Schema: This outline shows the basic structure of a swagger specification document. This file is represented in Json which…