How do I implement security for my web api that are being accessed by backend processes(windows services or local clients) using the thinktecture architecture.
What would be the flow for my authentication?
I think that the simplest solution for you is to use Client Credentials flow, when the client is using it's own credentials. You can go through this tutorial to understand what's involved: https://identityserver.github.io/Documentation/docs/overview/simplestOAuth.html