0

I am struggling to understand how to implement the following scenario:

Given:

  • Custom 3rd party Identity Server that supports oAuth2 implicit flow (I don't have access to internals, only can receive token)
  • ASP.NET MVC app (Service Provider)
  • ASP.NET WebAPI (provides 'Orders' endpoint that's being accessed from MVC app)

Problem:

Need to log-in to MVC app through Identity Server and then use the received JWT token to authenticate to WebAPI when requesting 'Orders' endpoint.

Is it a possible scenario and if yes then how do I do it?

Community
  • 1
  • 1
BukeMan
  • 96
  • 4
  • Yes it is possible. There are quite a bit of resources available on this topic. Your question is very broad so I am pointing you to few resources that might help you get started https://www.asp.net/identity/overview/getting-started/aspnet-identity-recommended-resources, https://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on or take a look at this http://bitoftech.net/2014/08/11/asp-net-web-api-2-external-logins-social-logins-facebook-google-angularjs-app/ – Vinod Nov 22 '16 at 21:32
  • Check my answer here - http://stackoverflow.com/questions/32161429/combine-the-use-of-authentication-both-for-mvc-pages-and-for-web-api-pages/39797768#39797768 – Ravi A. Nov 23 '16 at 08:09
  • thanks for the links! however, I can't find any resource that explains how to implement actually a **sign-in** to MVC app using the JWT token. All resources just show how to authenticate on WebAPI side. Am I missing something? – BukeMan Nov 23 '16 at 19:34
  • My answer has the MVC piece as well (scroll down a bit in my answer). I am also putting a sample MVC app in GitHub will share the link once it is ready. – Ravi A. Nov 24 '16 at 06:31

0 Answers0