5

I’m trying to build a Web API that uses the oauth 2 standard to authenticate users with my existing application where the Web API communicates with. Therefore I want to setup a oauth 2 server/service that checks the users with my existing applications that has users and roles. Unfortunately I can’t get a good/simple example of how to setup a service like that. So my question is do you have examples or better ideas to authenticate my users?

Improve this question
1
  • Hey jfamvg, I was wondering if you succeeded in doing this and if you have any information for me as I am trying to do the same but in mvc 5 and web api 2 and I am having troubles finding adequate information on the matter. Commented Nov 5, 2014 at 13:09

1 Answer 1

Reset to default
7

I didn't quite understand your question to be honest, so I'm not sure if you're asking about general OAuth integration or how to find an OAuth server to integrate your app with.

I'll take my chance and share some search results with you. Hope these will help.

This is a good article about oauth integration. Although it suggests to take a look at http://www.asp.net/identity first to get a better understanding of OAuth and Asp.Net integration.

http://blog.mszcool.com/index.php/2013/12/asp-net-4-5-1-webapi-general-integration-with-oauth2-and-oauth-authentication-servers/

As seen in the post, this flow can guide you to implement your own OAuth server and then you can integrate it with your WebApi.

OAuth Implicit Grant Flow

There is also this article: http://www.developerfusion.com/article/147914/protecting-your-aspnet-web-api-using-oauth2-and-the-windows-azure-access-control-service/

This one has the following headlines:

  • Why would I need an API?
  • API characteristics
  • Building an API in ASP.NET
  • Getting to know OAuth2
  • Windows Azure Access Control Service
  • Consuming an API protected using OAuth2
  • Building an API protected using OAuth2 (and Windows Azure ACS)

And finally this SO post might be helpful as well. It is about authentication using OAuth in WebApi.

Good luck!

Edit

Since you said you want to implement your own OAuth server I'm adding a couple more references about OAuth 1.0 protocol.

RFC 5849 OAuth 1.0 Protocol and there is this guide which might help you get a better understanding of OAuth workflow. enter link description here

As for the implementing part, I'm not an expert on that but, you first need to read and understand OAuth protocol so that your own OAuth server can be generic to other OAuth clients and you're actually implementing OAuth. After you understand the OAuth protocol itself, you can pretty much code your server the way you like.

Hope this extra information helps too.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for you reaction! Like the first link you posted "asp.net/identity" is how to use oAuth, but I want to create my own oAuth service so NO google NO facebook NO azure. I want my own oAuth service to authenticate. So to make a reference to your graph, I want to build that External Authentication Service.
@jfamvg I edited the answer. I added references to OAuth protocol so that you can read and get an understanding of it and code your own OAuth service.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.