1

I'm making use of Identity for my Web API. I am successfully able to retrieve an access token by providing the username and password, but I'm not entirely sure what to do with it afterwards. I am thinking about storing it in a cookie, but I'm not sure whether or not this is bad practice. If it is, what would be better alternatives to this solution.

I don't want to let a user login every time he visits the website, so because of that I'm looking for ways of storing the access token. I have been searching the web (and SO) for solutions to this problem, but did not find a suitable answer. I found the following question that's similar, but did not get an answer: Where to store OAUTH2 access token in mvc5 web app.

Thanks in advance for your suggestions!

Improve this question
2
  • You might find more success finding an answer if you expand your search so it's less MVC-centric: "OAuth2 storing access tokens". There's some info here and on another S.E. site. Also, you may need to specify 1) which grant type you're using 2) who's auth server and where it exists 3) lifetime of access and refresh tokens Commented Oct 14, 2015 at 17:46
  • Thanks for the links, those are useful! Commented Oct 16, 2015 at 15:24
Related questions
3
asp.net MVC/WEB API - How to store authorization token
5
How should the Web API access token be stored?
3
REST service authentication : where to store user credentials?
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.