Monthly Archives: December 2013

Advanced OAuth2: Assertion Flow (how)

Posted on December 23, 2013 by Dominick Baier

My last post described the mechanics and motivation for the OAuth2 assertion flow. In this post I want to show you how you can use Thinktecture AuthorizationServer to implement an assertion flow scenario. For this specific example I will use … Continue reading

Posted in ASP.NET, AuthorizationServer, IdentityModel, OAuth, WebAPI | 5 Comments

Advanced OAuth2: Assertion Flow (why)

Posted on December 23, 2013 by Dominick Baier

The core OAuth2 spec defines so called flows, which are basically descriptions of the interactions between a client, a user and an authorization server to request access tokens. Another implied fact is, that the resource server and the authorization server … Continue reading

Posted in ASP.NET, AuthorizationServer, OAuth, WebAPI | 1 Comment

MSDN article on CORS in Web API 2

Posted on December 9, 2013 by Dominick Baier

Originally posted on brockallen:
My MSDN article on CORS in Web API is now out! Given the nature of CORS, I really wanted to spend much of the article explaining CORS by itself. With that understanding then it’s simple enough…

Posted in Uncategorized | Leave a comment