Aqueduct has types to manage authentication and authorization according to the OAuth 2.0 specification. The following tasks are important for this behavior:

  • Creating AuthServer instances to enable OAuth 2.0 in an Aqueduct application
  • Using ManagedAuthDelegate<T> to manage storage of authorization objects, e.g. storing tokens in a database.
  • Using AuthCodeController and AuthController to expose endpoints for exchanging credentials for authorization tokens.
  • Adding Authorizers to a channel to allow only authorized requests.
  • Managing OAuth 2.0 Client identifiers, secrets and scopes with the aqueduct auth tool

Authorization Objects