Reputation: 314
Using IdentityServer4 with resource owner password grant
I am currently looking into IdentityServer4 to implement authentication for our Xamarin mobile apps to authenticate with our ASP.NET Core WebAPI, which would leverage ASP.NET Core Identity for authorization.
So I would basically have three projects:
IdentityServer
WebAPI
Xamarin App
Since API and Apps are all our own, I have decided to go with ResourceOwnerPasswordGrant. However, I am puzzled as to how I would implement registration.
Is it correct to assume, that all the actual account handling - registration as well as login - would need to be completely implemented within the IdentityServer project and not the WebAPI project?
How would I go about actually implementing that, considering the TestUsers from the Quickstart project is a massive shortcut to providing a functional login via ResourceOwnerPasswordGrant?
Upvotes: 1
Views: 4802
Answers (1)
Reputation: 3914
This was just published, pretty detailed and there are other options for authentication such as OpenIddict as well in a previous blog.
As for accounts, registration, and webapi entirely dependent on your setup requirements.
https://blogs.msdn.microsoft.com/webdev/2017/01/23/asp-net-core-authentication-with-identityserver4/
Upvotes: 4
Related Questions
- Question about ASP.NET Core 3 Identity / Identity Server / SPA support for Resource Owner Password Grant Type
- Identity Server 4 - Resource Owner Password Grant and Google Authentication
- IdentityServer4 Role Based Authorization for Web API with ASP.NET Core Identity
- Role Based Authorization for Web API with IdentityServer4
- Identityserver4 with resource owner password returning 401 in resource server
- Embedded IdentityServer 4 with Aspnet Identity and resource owner
- Getting claims in identity server using resource owner password
- IdentityServer4 - user permissions on the API
- Identity Server + resource owner credentials + authenticator
- IdentityServer4 Password Grant