Skip to content
This repository has been archived by the owner on Sep 18, 2021. It is now read-only.

"authorization code flow" #265

Closed
samvanity opened this issue Jul 31, 2014 · 3 comments
Closed

"authorization code flow" #265

samvanity opened this issue Jul 31, 2014 · 3 comments
Assignees
Labels

Comments

@samvanity
Copy link

First, please bear with me if I don't seem to be asking the question right.

I've watched the webapi V2 security video and the intro to oAuth 2 video by Dom on Pluralsight.

In my next project I want to use Web API v2 with Angular JS (the client) for a web app, which stores resource owners' (users) name and password (traditional authentication).

And I want to be able to let users authenticate with Google and Facebook so that I can create accounts for authenticated users on-the-fly.

I don't need the access token from Google or Facebook to get profile data for the users... I just need these social sites for authentication (so users don't have to register and I don't have to manage passwords).

And once users are authenticated (either through Google / FB or username:password directly), I want to use token based authorization for my Web APIs (the client will be the AngularJS app), instead of using cookies.

I'm sure IdentityServer V3 can help with token based authorization, but can it help with the part concerning authentication with Google / FB?

Or do I need to use Auth0? I read the article about it on Dom's site.

Thanks!

@leastprivilege
Copy link
Member

We support social logins like google and facebook. Even the standard sample host here in the repo has support for them.

@samvanity
Copy link
Author

Thanks Dom...

Please help me understand - if I use IdentityServer V3 for the scenario described, I do not need

  • MembershipReboot
  • IdentityModel
  • AuthorizationServer

Am I correct?

@leastprivilege
Copy link
Member

You need some sort of library to do the database work - this could be MembershipReboot, ASP.NET Identity or something you write yourself.

You don't need IdentityModel or AuthorizationServer.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

2 participants