0
falsharif created
HI Team, first of all thanks for always being prompt on answering my questions.
This is a bit of a noob question but i would appreciate your help.
I am integrating with a delivery company to process my orders and ive created this appservice with an endpoint for the delivery company to call when they change status of my order :
public class SwftBoxAppService : DukkantekAppService, ISwftBoxAppService
{
private readonly IRequestsManager _requestsManager;
private readonly IRequestRepository _requestRepository;
private readonly IDataFilter _dataFilter;
public SwftBoxAppService(IRequestsManager requestsManager, IRequestRepository requestRepository,
IDataFilter dataFilter)
{
_requestsManager = requestsManager;
_requestRepository = requestRepository;
_dataFilter = dataFilter;
}
[HttpPost]
public async Task Update(SwftBoxWebhookInput input)
{
using (_dataFilter.Disable<IMultiTenant>())
{
var request =
(await _requestRepository.GetQueryForNavigationPropertiesAsync()).SingleOrDefault(c =>
c.Request.RequestNumber == input.merchant_order_id);
if (request == null)
{
throw new UserFriendlyException("Could not find this request");
}
await _requestsManager.UpdateSwftBoxWebhook(request, input);
}
}
My question is , how do i secure this enpoint for them to use.
shall i be creating a new client for them in identity clients ? How do i give them an API KEY or something to access that endpooint ??
2 Answer(s)
-
0
hi
You can take a look this: https://identityserver4.readthedocs.io/en/latest/quickstarts/1_client_credentials.html
-
0
This question has been automatically marked as stale because it has not had recent activity.