ASP.NET WebAPI Security 1: Introducing Thinktecture.IdentityModel.Http

Over the course of the next posts I will describe the security options you have when writing services using the new ASP.NET WebAPI.

Before I start digging into the gory details, all the sample code and concepts I will show are implemented in the newest incarnation of Thinktecture.IdentityModel:

Stay tuned!

This entry was posted in IdentityModel, WebAPI. Bookmark the permalink.

7 Responses to ASP.NET WebAPI Security 1: Introducing Thinktecture.IdentityModel.Http

  1. Eric B says:


    Have you thought about doing a set of “getting started” screen casts like you did for StarterSTS? Maybe along the lines of setting up basic auth in : 1), 2) mvc, and 3) web api

  2. Matthew Belk says:

    I am trying to use the “JavaScriptClients” sample and continue to get errors just trying to get the token. The error.statusText shows “No Transport.” I am running the JS samples project in the VS2012 development server while I am running the main WebHost project in my local machine’s IIS7 context. When I try to request the /api/identity action just in the browser, everything works and I can see the identity and the subsequent token via /api/token. Any suggestions? I have changed all of the endpoint hostnames from “adfs.thinktecture.vm” to my local IP address and have also changed the “https://” monikers to “http://”


  3. Hm – that should work (works on my machine ;)). Use a browser debugger (F12 in chrome / Fiddler) to see if this reveals more information.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s