Many people asked me how all the moving parts of Thinktecture.IdentityModel, IdentityServer and ASP.NET and Web API relate to each other. And quite frankly, reading my old blog posts does not always help – a lot of things have changed, some links are broken etc…
I decided to re-write my big Web API security sample – and this time I will properly document it while I go. Topics will include authentication scenarios (Basic Authentication, SAML, JWT, session tokens, Hawk), authorization, auditing and other Web API security extensibility points.
You can also follow the status here.