I have been researching Authentication & Authorization using ASP.NET Web API 2 for about 2-3 weeks & after lot of researching & reading I am able to agree upon the basic architecture for my project.
My project currently consists:
- ASP.NET Web API 2 backend (OWIN/Katana)
- Android App
I am referring Cross-client Identity to generate access_token & refresh_token for the Web API 2 project; where access_token is generated on Android App for the Web API using GoogleAuthUtil.getToken()
The access token (bearer) doesn't work on Web API and is remarkably shorter in length as compared to the one generated at the Web API side using OWIN Middleware.
I think I am accurately following all the steps correctly, unless I am doing something fundamentally wrong.
