Attribute programming plays it's role here. We can easily restrict access to an ASP.NET Web API method to be called using a specific HTTP method. For example, we may required in a scenario to restrict access to a Web API method through HTTP POST only as follows:
[HttpPost]
public void UpdateStudent(Student aStudent)
{
StudentRepository.AddStudent(aStudent);
}