I will keep the github repo in sync with the major releases of Web API (like Beta, RC, RTM). Because of the changes made to Web API after beta, my current bits don’t build against the CodePlex version anymore.
Today I installed a build environment for the CodePlex bits, and migrated my code. It turns out the changes are pretty easy: Simply replace Request.GetUserPrincipal() with Thread.CurrentPrincipal ;)
I will update the repo when RC comes out.
leastprivilege.com 
Hi Dominick, Am trying to secure a sample ASP.NET web api using OAUTH. I checked out both your open source projects but was not sure which one of them would be appropriate? I am interesting in using the ‘resource owner password credentials’ flow in the OAUTH 2.0 spec as both the API and client which uses the API belong to me. Can you point to a helpful guide/blog post that shows how this could be done? I know that is quite a generic request but any pointers would be welcome.
Many Thanks
Hi,
Tt.idm.web and tt.idm.http is for token consumers. Web is for wcf and http is for asp.net web API.
Tt.idsrv. Implements the identity provider side.
Thanks Dominick, I will dig into your samples.