Authenticate and Authorize you own this product

basic C# • basic debugging techniques • basic HTTP
skills learned
interpret an OpenAPI specification • set up and configure authentication and authorization • how to gain insight into using different mechanisms to implement authorization • dissect a JWT
Ruben Vandeginste
1 week · 6-8 hours per week · BEGINNER

pro $24.99 per month

  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose one free eBook per month to keep
  • exclusive 50% discount on all purchases

lite $19.99 per month

  • access to all Manning books, including MEAPs!


5, 10 or 20 seats+ for your team - learn more

Look inside

Boutique, a software development company, is working on a project that will automate a client’s inspection process. As a software engineer for Boutique, your task is to implement authentication and authorization in the existing ASP.NET Core HTTP API for the project according to the client’s requirements. You’ll register your application to use Google as an identity provider, configure Swashbuckle to support authentication through Google, and activate the authentication and authorization middleware of ASP.NET Core. To take advantage of ASP.NET Core’s authorization features, you’ll add additional claims to the authenticated identity per the client’s specs, and you’ll implement role- and policy-based authorization as needed. When you’re done, employees will be able to use all of the API’s functionality, and customers will have read access to their own data.

This project is designed for learning purposes and is not a complete, production-ready application or solution.

project author

Ruben Vandeginste

Ruben Vandeginste received his PhD in computer science from KU Leuven, Belgium, in 2007. Soon afterward, he began working for PeopleWare, where he’s currently a software architect and technical lead. He designs and helps implement administrative applications, with a focus on backend services built with Microsoft’s .NET stack, and he’s well-versed in implementing HTTP APIs with Web API and ASP.NET Core.


This liveProject is for C# developers who want to learn how to implement authentication and authorization in an ASP.NET Core HTTP API. To begin this liveProject, you’ll need to be familiar with the following:

  • Basic C#
  • Basic HTTP
  • Basic YAML and JSON
  • Basic debugging techniques


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.

choose your plan


only $41.67 per month
  • five seats for your team
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Authenticate and Authorize project for free