WebAuth is an OpenID Connect server based on ASOS and ASP.NET Core 1.0

• Create "ConnectionString" in appsettings.json file
• Create generalsettings.json file template
• Fill Db configuration
• Fill fields:
  • ServiceUri - Url to API service
• Your generalsettings.json file is ready

The application with the following data needs to be added to the Backoffice:

• Application Name (will be used on the confirmation page)
• Application Id (client id)
• Secret key (client secret)
• Redirect uri (redirection URI to which the response will be sent)

The WebAuth server works according to the OpenID Connect specification.

The following URIs are accepted:

• Authorization endpoint path is /connect/authorize
• Logout endpoint path is /connect/logout
• Token endpoint path is /connect/token
• Userinfo endpoint path is /connect/userinfo

OpenID Connect uses the following OAuth 2.0 request parameters with the Authorization Code Flow:

• scope REQUIRED OpenID Connect requests MUST contain the openid scope value.
• response_type REQUIRED OAuth 2.0 Response Type value that determines the authorization processing flow to be used, including what parameters are returned from the endpoints used. This value is code.
• client_id REQUIRED OAuth 2.0 Client Identifier.
• client_secret REQUIRED OAuth 2.0 Client Secret.
• redirect_uri REQUIRED Redirection URI to which the response will be sent. This URI MUST exactly match the Redirection URI value for the Client pre-registered.
• state RECOMMENDED Opaque value used to maintain state between the request and the callback. Typically, Cross-Site Request Forgery (CSRF, XSRF) mitigation is done by cryptographically binding the value of this parameter with a browser cookie.

Possible scope values:

• profile This scope value requests access to the 'given_name', 'family_name' and 'documents' Claims.
• email This scope value requests access to the 'email' Claims.
• address This scope value requests access to the 'country' Claims.