How does ValidateAntiForgeryToken fit with Web APIs that can be accessed via web or native app?

Question

I\'m trying to understand how I will be able to craft an API using ASP.NET Web API which will be protected from CSRF, while still being accessible from non-web environments (e.g

Answer 1

Have a look at the SPA templates in the latest MVC4 update. They have a sample implementation for Anti-CSRF for Web API.