AddDefaultTokenProviders: what is it and how to use those "default providers"?

Question

I found this in my Startup.cs file in ConfigureServices in a default Visual Studio 2015 ASP.NET 5 project:

services.AddIdentity<ApplicationUser, IdentityRole>()                 .AddEntityFrameworkStores<AuthorizationDbContext>()                 .AddDefaultTokenProviders(); 

What does it exactly do, and how to use those "default providers"? Does it configure all token-based authentication for me? Where can I read more about it?

Answer 1

Despite their name, the token providers have nothing to do with token authentication: they are exclusively used to generate opaque tokens for account operations (like password reset or email change) and two-factor authentication.

There are currently 3 built-in providers:

• DataProtectorTokenProvider: as the name suggests, it uses the data protection block (machine keys' equivalent in ASP.NET Core 1.0) to serialize encrypted tokens that can later be deserialized by the server.

• EmailTokenProvider and PhoneNumberTokenProvider: these providers are derived from TotpSecurityStampBasedTokenProvider, which implements the Time-based One-time Password Algorithm (TOTP), a protocol designed to produce user-friendly and short tokens that can be sent in a SMS or in an email.

ASP.NET Core 1.0 doesn't offer native token authentication support (only token validation is supported: you can't produce your own tokens). You can read these SO posts for more information:

• Simple JWT authentication in ASP.NET Core 1.0 Web API.
• Web API Authentication in ASP.NET 5.
• Configure the authorization server endpoint.