OAuth 2.0

OAuth is an open standard for authorization. It allows users to approve application to act on their behalf without sharing their password.

OAuth is a protocol that lets external apps request authorization to private details in a user account without getting their password. This is preferred over Basic Authentication because tokens can be limited to specific types of data, and can be revoked by users at any time.

DotNetOpenAuth provides classes and structures which enable you to easily create OAuth Consumer or Provider and manipulate Tokens. However each both Consumer and Provider have to decide on how to handle and store the Tokens.

• ASP.NET: OWIN OAuth 2.0 Authorization Server
• Token Based Authentication in Web API 2 - Part 1
• Token Based Authentication in Web API 2 - Part 2 (Knockout.js)
• OAuth JSON Web Tokens Authentication (AngularJS)

• MVC Web API Identity
• Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth
• Using DotNetOpenAuth to create OAuth Provider
• Building your own API and Securing it with OAuth 2.0 in ASP.NET Web API
• OAuth Service C#
• 2-Legged OAuth Authentication in .NET
• Embedding a simple Username/Password Authorization Server in Web API