AnsweredAssumed Answered

REST based token authentication

Question asked by Seany84 on Aug 1, 2017
Latest reply on Aug 3, 2017 by HONGXU LIU

Hi all

 

I am using Ping federated SSO in our organisation with Siteminder. 

 

I currently have a sub-domain (Windows Server 2012, IIS 8.5 and .NET 4.5 Web Forms) protected fine.

 

I am looking to expose a REST based endpoint that will allow other sub-domains to hook in to our application.

These other applications are written in a variety of technologies e.g. Angular/Node, Java etc.

 

I would have assumed the process would be something like:

  1. Client logs-in from their application (different sub-domain).
  2. Token is sent from SSO/SM to client app.
  3. Client app calls our application via REST with a token.
  4. Our application will validate the user/token against SSO/SM.

 

Is there any information someone could point me towards to see what our options are ? Our REST application is .NET Web API running in IIS 8.5.

 

thanks in advance

Outcomes