ContextQMD
Back to Devexpress

Connect a .NET Desktop Client to a Secure Backend Web API Service (EF Core with OData)

windowsforms-405146-data-access-security-connect-to-secure-o-data-service.md

latest3.6 KB
Original Source

Connect a .NET Desktop Client to a Secure Backend Web API Service (EF Core with OData)

  • Mar 06, 2025
  • 5 minutes to read

This help topic explains the fundamentals of designing a distributed application with a separate backend and frontend, focusing on a WinForms UI client and ASP.NET Core Web API based on OData v4, Entity Framework Core (EF Core), and the DevExpress Web API Service as the backend.

In distributed systems, separating the backend and frontend is extremely important for several reasons:

  • Security-First Design

  • Cross-Platform Support and Reusability

  • API Flexibility with OData

Key Components

  1. ASP.NET Core Web API

  2. Entity Framework Core (EF Core) and OData v4

  3. DevExpress Web API Service

  4. WinForms UI Client

Demo App for .NET 8

Our sample Windows Forms application demonstrates the following:

  • How to build a data model for application business entities and security policies with EF Core.
  • How to securely load data from OData endpoints to a WinForms UI client using the DevExpress Data Grid.
  • How to activate authentication and authorization for the WinForms application using Web API endpoints (powered by the DevExpress Backend Web API Service).
  • How to create a login form.
  • How to customize UI/UX for a given user based on associated access permissions.

View Example

Play the following animation to see the result:

Implementation Details

Frontend (WinForms)

  • Implements a Login form.

  • Implements a responsive desktop UI.

  • Uses the ODataInstantFeedbackSource to bind the WinForms Data Grid to the OData service in Instant Feedback Mode.

  • Displays data fetched from the backend securely without a direct database connection.

Backend (ASP.NET Core Web API + OData)

  • Handles data access through EF Core and exposes data through RESTful services using OData v4.
  • Supports flexible querying, filtering, and pagination through OData.
  • Implements authentication, authorization, and business logic to ensure that only authorized users can access and manipulate data.

View Example

Important Disclaimer

Important

These deployment recommendations do not apply to all possible configurations and should not be considered comprehensive. We offer these instructions as a getting-started reference. Steps may vary depending on your operating system, installed software, and DevExpress versions. You, the developer, are responsible for the application, database, network, and other configurations based on your client, security, environment, and other requirements. We recommend that you review these settings with your database, network, and IT infrastructure administrators and consider their recommendations tailored to your case.

See Also

Connect a .NET Desktop Client to an ASP.NET Core WebAPI Service Powered by EF Core

Connect a .NET Desktop Client to a Backend Using a Middle Tier Security Server (EF Core with WebSockets)