Last post Apr 01, 2014 09:39 AM by BrockAllen
Apr 01, 2014 12:48 AM|kettch|LINK
I'm starting to work on an MVC 5.1 application, and I'd like to build a Web API project in order to back it with the aim to enable other clients to use the API in the future. The MVC application will be using the new OAuth 2.0 stuff to use MS Accounts and
Google Authentication. Is there are recommended path to allow the authentication to flow from the MVC application (or mobile/other applications in the future, providing they are using OAuth) to the WebAPI application?
Apr 01, 2014 09:39 AM|BrockAllen|LINK
The new OAuth2 stuff from microsoft is best used for local clients (not 3rd party) -- you can get it to work but the more features you want form OAuth2 the harder it is. If you want to open your app and do more "real" OAuth2 style (true delegated authroization)
then unfortunately it doesn't work as well for that sceanrio. Some food for thought: