JWT Token-Based Auth with AngularJs
Recently I developed a large customer portal where users should be able to login via different authentication providers. The backend is purely written in C# where as the frontent is basically a AngularJS Application. Authentication Flow As our entry point is an AngularJS application, we decided to use the Hybrid-Authentication Flow as defined in this RFC and explained in this article ( http://www.heise.de/developer/artikel/Flexible-und-sichere-Internetdienste-mit-OAuth-2-0-2068404.html?artikelseite=2 ) Backend-Implementation From the backend perspective, the whole authentication process is delegated to the Identity Server from ThinkTecture, a C# Component which provides an OpenId-Connect (also known as OIDC) compilant authentication-server. Check it out at https://identityserver.github.io/Documentation/docsv2/ , the version 2.0 was just released a few days ago. As per this delegation, a trusted relationship needs to be established between the backend-system (a .NET App