Hi folks,
I've got an API setup. When the user provides an invalid/missing API key, I'm trying to set the Response.StatusCode to 401, something keeps bouncing me to my login page. It's an API ... so I don't want that. I wish to send them the json error message with the code being 401.
url for this sample api is : /api/search/foo?apikey=12345&bar=hi+stack+overflow
What have I done wrong?
Here's some sample code :-
// Do we have an Api Key that is legit?
if (!CheckAPIKey(context))
{
json = JsonConvert.ExportToString("Invalid API key or no API key was provided.");
context.Response.StatusCode = 401; // Not authorised.
}
else
{
... get json data ...
}
context.Response.Write(json);
Also, i have the following in my web.config, if this helps...
<authentication mode="Forms">
<forms loginUrl="~/Pages/Login.aspx" protection="Validation" timeout="1000000000" requireSSL="false" slidingExpiration="true" defaultUrl="Default.aspx">
</forms>
</authentication>
Any ideas?