This article completes an important piece of the puzzle for me related to how I can implement OAuth 2.0 using WCF in a manner that integrates with a user-centric data model. More on the construction of this system, which services mobile applications via a secure REST web service interface later…
OAuth 2.0 With Or Without Azure and WCF Services
Overview
This article provides a great introduction on how to use OAuth 2.0 in Azure using the AppFabric to protect WCF services.
Details on Azure support for OAuth 2.0 can be found Access Control Service CodePlex project provides code samples for implementing this in environments outside of Azure.
Implementation Notes
In order to implement OAuth in any meaningful way, there must be a method to create tokens and SAML to represent the set of “claims” supported depending on the connection method (web server or user-agent), client calling application, and user credentials. A set of FAQ’s related to using Windows Identity Foundation for this can be found here.
