Menu
I am working on an ASP.NET MVC 4 app with WEB API. THe MVC client makes a call to WEB API for authorization and receives a token in return. Or another pre authorized brower might just pass the token to MVC client and this will not need re authorization from MVC client. I would like to store this token for further WEB API calls. And i dont want to store it in a cookie as well. Any pointers on how to achieve this will be helpful.
349
You can use session token support
With the session token support you could do it like this:
Use an arbitrary supported credential (e.g. a password) to request a session token. The session token endpoint is built right into the authentication handler.
The session token response contains the token itself and an expiration time.
Afterwards throw away the bootstrap credential and store the token instead.
When the token has expired, the user has to re-authenticate to obtain a new token. Then start over.
This is very similar to e.g. the Google IDs long lived authentication cookie. They establish an SSO session for a limited amount of time (approx. 2 weeks), then you have to enter your password again.
For more information check this out Session Token Support for ASP.NET Web API
I hope this will help to you.
100
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
