Microsoft has a nice document explaining how to allow users to sign in to your application with their Google accounts. I was curious to see how one could go about forcing users to sign in with their organizational account. Why would you want to do this? Well, let say your company is using G Suite as its directory service. Only allowing users to sign in with their organizational (G Suite) email address means that you only have to procure users on the G Suite directory service.
I recently received a support request from a customer regarding the session lifetime once a user has signed in using Auth0 as they wanted the users to remain logged in across browser sessions. For our Auth0 integration with ASP.NET Core we have written no special middleware and instead rely on the standard OpenID Connect or OAuth2 middleware for authenticating users in MVC applications. My initial response to the user was to simply configure the cookie middleware and specify an ExpireTimeSpan:
Introduction With the explosion of web APIs it becomes much more common for applications to integrate in some fashion with external APIs. These APIs are typically RESTful APIs, and normally there will be an official wrapper available for a wide range of programming languages and platforms to allow other developers to more easily integrate with the API. Sometimes however this may not be the case. It may be that the service in question simply do not see providing a .
Introduction Almost two years ago I did a fun little experiment to see whether I could develop a Google+ OAuth provider for ASP.NET MVC 5. I then followed it up and created Yahoo and LinkedIn providers as well and decided that it was probably time to turn it into an open source project. The resulting project has been fairly successful and has 38 providers with 284 commits from 38 different contributors.
Introduction One of the SaaS tools which I like to use for all sorts of small app-to-app integrations is Zapier. If you have ever used Zapier before you may have noticed that authenticating with one of the many applications with which it integrates does not actually navigate away from the current page that you are on, but instead uses a simple HTML popup dialog to authenticate the user. For a recent project I was involved in I had to do something similar, so I have extracted the techniques into a demo application and I am writing this blog post to show how easy it is to do something like this.
Introduction I think very few ASP.NET developers realise that the ASP.NET authentication providers and ASP.NET Identity really have nothing to with each other. It is two completely independent technologies which are brought together nicely by the default ASP.NET MVC project template to allow users to sign in with the social media accounts, or link a social media sign in to their existing user account. ASP.NET Identity is the technology which provides user management, role management and authentication.
Introduction In my previous blog post I introduced the new generic OAuth 2 authentication provider which has been added to ASP.NET 5 by showing you how to configure it to authenticate with GitHub. In this blog post I will discuss two more advanced configuration options, namely requesting extra permissions via the Scope, and retrieving user information after authorization. The code I use in this blog post is mostly a straight forward copy-and-paste exercise from the sample in the ASP.
Introduction Over the past 2 years I have been involved in the OWin Authentication Providers project, which enables developers to allow users of their ASP.NET applications to sign in with a wide range of services such as GitHub, LinkedIn, Yahoo and others. It started off with a blog post on how to allow users to sign in with their Google+ accounts via OAuth, and then it went on to LinkedIn and Yahoo and before long a Nuget package was born and the number of providers grew to where it stands at 23 today.
Update: 19 May 2015 - You can view an updated video version of this on my AspnetCasts YouTube channel. The updated version is targeted for use with ASP.NET MVC 5 and ASP.NET Identity. Update: 1 April 2015 - The latest and most up to date version of this guide is available on the OAuth for ASP.NET website Turns out I had some extra time on my hands - or maybe I am just procrastinating.
Update: 1 April 2015 - The latest and most up to date version of the LinkedIn guide is available on the OAuth for ASP.NET website Update: 1 April 2015 - The latest and most up to date version of the Yahoo guide is available on the OAuth for ASP.NET website In my previous blog bost I wrote about the Google+ OAuth provider which I developed for ASP.NET Identity (OWIN). This code has since been taken over by Microsoft and will be integrated into the Katana project.