2

I'm working with Asp.net MVC 5 / Web API 2.

I'm authenticating users from an android app. I'm using Asp.net Identity and OWIN....The thing I can't wrap my head around is token authentication...

I've got this successfully working so that a long lived access token is sent to the client. And it can make authorized calls.

The part I'm not sure is refresh tokens. When an access token expires what should I do? do i need to store anything in DB tables? Just need a rough idea on what i need to implement

Riadh Belkebir
  • 769
  • 1
  • 11
  • 33
raklos
  • 27,188
  • 58
  • 181
  • 291
  • Possible duplicate of [OWIN Security - How to Implement OAuth2 Refresh Tokens](http://stackoverflow.com/questions/20637674/owin-security-how-to-implement-oauth2-refresh-tokens) – cassandrad Jun 16 '16 at 09:31

0 Answers0