Monthly Archives: March 2014

The Web API v2 OAuth2 Authorization Server Middleware–Is it worth it?

Posted on March 24, 2014 by Dominick Baier

Adding the concept of an authorization server to your web APIs is the recommended architecture for managing authentication and authorization. But writing such a service from scratch is not an easy task. To simplify that, Microsoft included an OAuth2 based … Continue reading →

Posted in AuthorizationServer, IdentityServer, Katana, OAuth, OWIN, WebAPI | 18 Comments

OAuth2 and OpenID Connect Scope Validation for OWIN/Katana

Posted on March 4, 2014 by Dominick Baier

In OAuth2 or OpenID Connect you don’t necessarily always use the audience to partition your token space – the scope concept is also commonly used (see also Vittorio’s post from yesterday). A while ago I created a Web API authorize … Continue reading →

Posted in IdentityModel, Katana, OAuth, OpenID Connect, OWIN, WebAPI | 3 Comments

Monthly Archives: March 2014

The Web API v2 OAuth2 Authorization Server Middleware–Is it worth it?

OAuth2 and OpenID Connect Scope Validation for OWIN/Katana

Recent Posts

Categories

Tweets

Feed

Archives