Search code examples
c#thinktecture-ident-serverthinktecture-ident-model

IdentityServer3 get user token by username and password post REQUEST

I found this tutorials for authenticate and get token from identity server by username and password:

http://leastprivilege.com/2013/11/13/embedding-a-simple-usernamepassword-authorization-server-in-web-api-v2/

https://identityserver.github.io/Documentation/docs/overview/simplestOAuth.html

https://github.com/IdentityModel/Thinktecture.IdentityModel/tree/e6cf193dbffbe1dc3a15848106807983ec503c22/samples/OAuth2/EmbeddedResourceOwnerFlow

everywhere is written that url is then like:

&grant_type=password&username=aa&password=aa

my question is if I need like in example also EmbeddedAuthorizationServer or I can call directly SSO server?

I would like to post username and password to SSO server and return back token. Is it possible?

Solution

  • IdentityServer3 supports the so called resource owner password credential flow.

    https://www.rfc-editor.org/rfc/rfc6749#section-4.3

    https://identityserver.github.io/Documentation/docsv2/endpoints/token.html

    https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Clients/ConsoleResourceOwnerClient

    So the answer is yes.

    EDIT: Fixed dead IdServer-Link as the documentation moved to docsv2