2

I'm working with Asp.net MVC 5 / Web API 2.

I'm authenticating users from an android app. I'm using Asp.net Identity and OWIN....The thing I can't wrap my head around is token authentication...

I've got this successfully working so that a long lived access token is sent to the client. And it can make authorized calls.

The part I'm not sure is refresh tokens. When an access token expires what should I do? do i need to store anything in DB tables? Just need a rough idea on what i need to implement

Riadh Belkebir
  • 797
  • 1
  • 12
  • 34
raklos
  • 28,027
  • 60
  • 183
  • 301
  • Possible duplicate of [OWIN Security - How to Implement OAuth2 Refresh Tokens](http://stackoverflow.com/questions/20637674/owin-security-how-to-implement-oauth2-refresh-tokens) – cassandrad Jun 16 '16 at 09:31

0 Answers0