I have been speaking and writing on OData for a while now. Whenever i have a speaking session on OData, one of the common question asked is Security. Since we call this as Open Data – should this be allowed for everybody or should we secure it? If we want to secure how do we go about securing the service itself.

Well its a natural question to ask about securing the services. I myself was of the opinion that it all relies on your server where you host your service i.e. IIS. But was constantly looking out for answers on this area. Finally my search ends on Astoria Teams blog on MSDN.

Astoria was the code name for what we call as WCF Data Services now. Back in the days of Mix 2007 when this concept was first made public it was code named as Astoria or technical name of ADO.NET Data Services. Later was given the marketing name of WCF Data Services and the under lying protocol was given the name of Open Data Protocol or OData for short. So the Astoria team has put up an excellent 8 part series on the topic of “OData and Authentication”. Here is the link for the same:

http://blogs.msdn.com/b/astoriateam/archive/tags/authentication/

image

Here is a link to all those posts:

Also, the Astoria team has couple of links on working with OAuth or Open Authnetication. Here are the links to the same:

As you can see Security or Authentication is an integral part of any application. Thanks to Astoria team for putting out pointers out there so that we can build upon them. Hope this helps you if you are looking out for authentication to your OData service.

Till next time, Happy Coding. Code with passion, Decode with patience.