AnsweredAssumed Answered

REST based token authentication

Question asked by Seany84 on Aug 1, 2017
Latest reply on Aug 3, 2017 by HONGXU LIU

Hi all


I am using Ping federated SSO in our organisation with Siteminder. 


I currently have a sub-domain (Windows Server 2012, IIS 8.5 and .NET 4.5 Web Forms) protected fine.


I am looking to expose a REST based endpoint that will allow other sub-domains to hook in to our application.

These other applications are written in a variety of technologies e.g. Angular/Node, Java etc.


I would have assumed the process would be something like:

  1. Client logs-in from their application (different sub-domain).
  2. Token is sent from SSO/SM to client app.
  3. Client app calls our application via REST with a token.
  4. Our application will validate the user/token against SSO/SM.


Is there any information someone could point me towards to see what our options are ? Our REST application is .NET Web API running in IIS 8.5.


thanks in advance