1

I am developing a web api service which will be consumed by asp.net mvc web application and mobile apps (android and ios). My database and web api will be hosted on same server. I want to implement authentication for web api (token based). My database has a table for storing user credentials. I will have to use this database to validate the credentials when the user logs in.

Came across a few articles which suggest owin and identity server. I am confused on how to proceed and need some help in understanding a better approach.

Chethan
  • 360
  • 1
  • 2
  • 15
  • What have you attempted and what help do you need. This seems to be too broad? maybe show some code RouteConfig, Controller and Action Methods? – lloyd Aug 25 '15 at 05:32
  • Till now i have just developed a simple web api with a user controller and product controller. My database table 'Users' stores Username and Password. I want to authenticate users using this table. This is my first assignment on web api and need help in understanding the approach for token based authentication which supports mobile apps and web apps. – Chethan Aug 25 '15 at 06:38
  • 1
    Refer this link http://stackoverflow.com/questions/24296613 – Karthik Aug 25 '15 at 06:45

1 Answers1

1

you can simply implement the token base authentication

  1. when user is login to the system send the random token code
  2. cash it in the client side
  3. when client side making request to the server send the token with the request header
  4. validate the token and accept request or reject

simple way :)

LittleDragon
  • 2,317
  • 2
  • 18
  • 23
  • The challenge I faced was integrating the existing database tables to work with identity and owin. Anyway I altered the tables and customized the table names to match with the Identity server format and its resolved. But i could not find a way to do it for an existing system/database without changing the table structures. – Chethan Oct 29 '15 at 05:17