1

I'm developing an application using asp.net core Web API and Angular2

I want to implement authentication and authorization for my application

I want to know if it is a good choice to use identity server if have just one client(in angular 2 ) and I want that the login screen be attached to my client and not the identity server ?

Tseng
  • 61,549
  • 15
  • 193
  • 205
Anas K
  • 741
  • 2
  • 7
  • 15
  • What do you mean _"if it is a good choice"_? That depends on your requirements. – CodeCaster Apr 09 '16 at 10:05
  • I want just to implement authentication for my client and an authorization for my web API – Anas K Apr 09 '16 at 10:34
  • Please use the proper tags in future! When your quesiton is related to ASP.NET Core use "asp.net-core" tag ! NOT "asp.net" and "core", both are completely unrelated to your question. Please read the tag descriptions before adding them – Tseng Jun 05 '16 at 10:43

1 Answers1

0

As far as i understand, you want to use Token Based Authentication with following flow :

  • Client sends user cridentials(username, password) to server
  • Server generates a token and sends it to client
  • Client uses the token each secure web api calls

So, my suggest for your case:

If you use AspNet Identity, OpenIddict with password grant is an option.

If you use custom user store, use IdentityServer4 with password grant.

If you want to write your own token endpoint, take a look at Token Based Authentication in ASP.NET Core

note: password grant enable you to implement own login screen.

Community
  • 1
  • 1
adem caglin
  • 22,700
  • 10
  • 58
  • 78
  • thank you adem please can you uggest for me an article for the second option (identity server with password grant) – Anas K Apr 09 '16 at 21:34
  • you can look at IdentityServer3 client samples : https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Clients/JavaScriptResourceOwner – adem caglin Apr 10 '16 at 18:18