Reputation: 90
Passing authorization token to Odata client
I've been trying to consume an authorized ASP.NET Odata Web API by using an Odata client. I do know how to set the header with the token for the client, but where should the token be kept for re-use?. Because the Authorization header has to be set with each request, not just once. To be more precise, this is what I am down to:
- Get user's credentials, pass them back to the API.
- Get token.
- Set the header for the Odata client with the token value.
I am struggling with the actions to be taken between 2nd and 3rd step: Where should the token be kept, so you could keep setting the Odata client Header with it?
This is how I set the authorization header value.
EDIT: In regards to the comment, I might've not clearly specified the issue. The problem arises, because controllers will be created for every request and will be garbage collected "sometime after" the request has completed. So, the token value will be gone.
Upvotes: 2
Views: 2294
Answers (1)
Reputation: 2090
have a look here, they are storing it in a cookie. If you do not want to expose the actual token on the client side, store it somewhere near your e.g. user profile / session, or store the token with a generated id in a lookup-table and save the id to a cookie.
this is another approach using ASP.NET Identity and ApplicationCookies
Upvotes: 1
Related Questions
- Simple Odata Client - How to add oAuth Token in each request header?
- How to add Bearer token to Simple OData Client
- Pass the username and password in Authorization headers for OData
- How to pass authentication header (basic) to OData Service from a .NetClient
- Simple.Odata Client using windows authentification
- Sending login credentials from client to OData service
- Send Authorization cookie when calling OData service
- Simple Web Token (SWT) Authentication in Web Api 2 OData endpoint
- How to implement custom authentication on OData
- Using OAuth with OData