In previous posts, we’ve got familiar with ASP.NET Web API and ASP.NET Identity. We can use ASP.NET Identity with multiple types of clients such as the desktop app, web app or mobile app for registering and authenticating users. The user will open an account with his email and password and then authenticate himself with services with registered info. If we don’t want to force user enter login data each time he accesses our services, we can get a token and use that token as the authentication key for any call to the server. Today I would like to extend our ASP.NET Web API with “Forgot Password” function so that user can reset his password in case he doesn’t remember it anymore.
In previous posts we get to know with ASP.NET Identity and use it in many platforms such as Desktop or Android application. In all of them, I used local identity management system of ASP.NET Identity which connects to local database and manages users. So if users want to use our services, they have to register an account with our systems. They can’t use their Facebook or Google account to login to our system. Today I’ll show you how to extend our services by enabling OAuth 2 so that the users can authenticate themselves with their Facebook, Google+, Microsoft or Twitter accounts. You may find a lot of tutorials out there in Internet for integrating this external authentication within a web application. Therefore I wouldn’t like to write the same thing again but I will use a WPF application as my client and authenticate with ASP.NET Identity service over external authentication of Google+. This concept can be also used for mobile application such as Android, IOS or Windows Phone.
User or account management is a must-have feature in business applications. For examples, one device should be used by many employees and the employees have different roles in the project. The apps must be able to authenticate user, authorize them and let them access the resources corresponding to their roles. We can manage all these things in app databases within our own tables or we can use AccountManager providing access to a centralized registry of the user’s online accounts. With AccountManager, the user enters credentials (username and password) once per account, granting applications access to online resources with “one-click” approval. In this blog post, I would like to make a small demo how we can integrate ASP.NET Identity service for authenticating user with AccountManager. I’ll only focus on addAccount part, the other functions will be discussed in other posts if necessary.
Following the post C# – ASP.NET Web API and ASP.NET Identity, I would like to show how we can consume a REST web service authenticated by ASP.NET Identity within Android. In this post, we’ll repeat the steps we’ve done before in .NET client but now with Java and Android. If you follow my posts before in Android section, you must be very familiar with consuming ASP.NET Web API service. We’ll use same technique again, no big deal. However, I’ll introduce some new functions in JSONHttpClient class for communication with ASP.NET Identity.
We got to know with Google, Flickr and Twitter API service in some of my previous posts. All these provide us an authentication scheme so that we can authenticate ourselves and get permissions to 3rd party resources. We have also created our own REST web services by using ASP.NET Web API for publishing data to our clients. However, until now, our web services are all simply public to everyone. Everyone can use them, even our competitors (if there’s any) 🙂 That’s not good and I also received questions if a web service can be protected by using authentication. So in this post I would like to make an introduction about new technology of Microsoft : The ASP.NET Identity. We’ll build a very simple REST web service with ASP.NET Web API and ASP.NET Identity from Visual Studio template and try to access it from a .NET client.
The ASP.NET Identity system is designed to replace the previous ASP.NET Membership and Simple Membership systems. It includes profile support, OAuth integration, works with OWIN, and is included with the ASP.NET templates shipped with Visual Studio 2013.