0

I have a working app with MVC5 and Web API (both different IIS applications) using Forms Authentication and Bearer token. Yes, they must remain two separate IIS applications. I am using the auth token as the username in my Forms Authentication cookie and that's how I am able to pass the token back and forth from MVC and Web API.

I am also using Asp.net Identity 2.0.

I would like to take Forms Authentication out of the equation and just use Owin Authentication but the User.Identity.IsAuthenticate is always false in my MVC app when I do have a Bearer Token issued.

Can anyone point me to code showing how I can remember auth token between MVC and Web API w/o Forms Authentication?

Improve this question

2 Answers 2

Reset to default
1

All your machineyKey on web..config should be the unified, do not generate machineKey using any online tool, please generate them using power-shell. You can find more about this by reading my blog post here.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

All machineKey of your webconfig files must be the same for domains that will share athentication.

Check this answer about how to set it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.