I try to implement tool LTI 1.3 Integration with Blackboard LMs with using ASP core.
I read spec https://docs.blackboard.com/lti/tutorials/implementation-guide
According to this spec I have to have next links
Login Initiation URL
Tool Redirect URL(s)
Tool JWKS URL
As I understand I have to implement own Identity Server
Am I right ?
Maybe someone can give me example ?
Related
Is there support for Client Certificate Authentication in Swagger UI? If yes, could someone provide an example of enabling it in a solution using asp.net core 5 and Swashbuckle, or point me to a url which has a good example of the same.
The idea is to implement Single-sign on using the given technical stack (ASP.NET CORE WEB API, IdentityServer4, ReactJS - Front end)
ASP.NET Core Identity together with IdentityServer4 offers an extensions for Single-Sign-On (Google, Microsoft ect.) for MVC framework. However, a proper guidance is not given for a WEB API scenario.
Please provide me an example or a tutorial, which I can follow in this regard?
Thanks in advance.
*** Update ***
Would be great if an example is given for the flow of events on this scenario, as to how should the communication happen between the Front end application and the backend.
I am starting a project with ASP.NET Core as an API Server and Angular 6 for the Frontend part but i am a bit lost with which exactly is the right way to authenticate users with the Identity Framework.
I read the documentation on http://docs.identityserver.io and also checked also the samples on github https://github.com/IdentityServer/IdentityServer4.Samples
Which is the correct way to authenticate users for my project ? I think i need the section "Using ASP.NET Core Identity" or "Adding User Authentication using OpenID Connect or "Adding Javascript Client" but i am not sure.
Which one best suits me?
I am using mvc 4 web api project template. i have USERMASTER table which contains usename and password for different users.
Now i dont know what authentication is for web api????
how to stop invalid users to access it? ?
Let's say i m using fiddler to call web api. at that moment how can i stop invalid user.( i mean using tool like fiddler we can call web api. so i can stop invalid call not made by the valid user)
Moreover, i wish that user A can access only 5 web apis and user B can access all web apis from my project.
Is it possible???
i know how to use web api.
but i dont know about authentication and authorization process.
please help me.
I m using angularjs to call web apis.
Yes all this is possible but you need to use ASP.NET Web API 2 (.NET framework 4.5) you can find detailed source code and blog posts starting here including AngularJS Authentication using Web API, it should makes things clearer for you.
I'm working on segregating the authentication part of my ASP.net MVC4 application using DotNetOAuth 2.0, Which will means that one project will do only authentication and send out response,based on response it will have access to other application.
The Idea is to get any application or project added later on use one common authentication process.
First thing came to my mind was building a service, in the process a read a lot about Web API and think it can help to achieve what I'm looking for.
Please suggest if you guys have implemented something like this or whats's the best practice.
Should i go with API or service, any link or sample to direct is appreciated
ASP.NET Web API is also a service - a RESTful service. The choice of using a "Service" although is good your underlying authentication platform will define what you should be using.
WCF is much more than a web service where as a Web API is pure HTTP service.
If you expect all your "applications" to be web based then there is no reason why this cannot be a Web API.
This article might be something that should help you decide on your authentication model: http://www.asp.net/web-api/overview/security/external-authentication-services