Comments on: Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth

By: J.M.

J.M. — Thu, 16 May 2013 22:25:08 +0000

I was a little confused by the code in the Protocal Independent Issuer. The code is loading up a public and private key. I had thought that OAuth did not require SSL. Do I need to buy certificates?

By: Akila Kumarasamy

Akila Kumarasamy — Wed, 08 May 2013 22:49:44 +0000

Hi,

Its a good example, Can I know how to add different claims with the claim type in the OAuthIssuer? Also, the OAuthIssuer throws BAD REQUEST error if the client has the latest nuget package on the DotNetOpenAuth. How can we fix this? Can you please help?

By: Secure Web Services on Windows Azure Web Sites for Windows Store Applications - Dr. Z's Blog - Site Home - MSDN Blogs

Thu, 13 Dec 2012 17:51:08 +0000

[...] An example of “Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth” is available from a Microsoft application development manager Zulfiqar Ahmed at http://zamd.net/2012/05/04/claim-based-security-for-asp-net-web-apis-using-dotnetopenauth/ [...]

By: Analysis on Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth « Md. Marufuzzaman's Blog

Sun, 09 Dec 2012 14:41:55 +0000

[...] short analysis on the “Claim-based-security for ASP.NET Web APIs using DotNetOpenAuth” (http://zamd.net/2012/05/04/claim-based-security-for-asp-net-web-apis-using-dotnetopenauth/?goback=%2…). Few things I tried to short out are listed [...]

By: Adhikesh

Adhikesh — Mon, 08 Oct 2012 04:49:25 +0000

This is good sample, how can we make the request for refresh the token? how the parameters looks like?

By: Adhikesh

Adhikesh — Thu, 04 Oct 2012 07:27:18 +0000

Hi zamd,

I am getting HTTP 400 Bad Request, when giving request from the fiddler
Please help me

By: Dervanil Junior

Dervanil Junior — Thu, 23 Aug 2012 19:30:53 +0000

Hi good sample, but i’m having some trouble, could you help me?
I need to call the api via JavaScript but i couldn’t find what header i need to set.

By: zamd

zamd — Thu, 19 Jul 2012 05:14:12 +0000

Hi, client_id & client_secret represents the username & password.

By: Alex

Alex — Sun, 15 Jul 2012 13:26:12 +0000

Thanks for the code. It’s going to help tremendously on a current project. I do have one question – you mentioned you were going to use a password grant. But I do not see that anywhere. Shouldn’t the username/password be passed in as form url encoded parameters to the issuer?

By: bradirby

bradirby — Wed, 11 Jul 2012 17:15:55 +0000

BTW, you must install the Microsoft Windows Identity Foundation for the sample code to work.
http://msdn.microsoft.com/en-us/evalcenter/dd440951.aspx