{"id":1303,"date":"2010-05-10T13:19:24","date_gmt":"2010-05-10T13:19:24","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/odatateam\/2010\/05\/10\/odata-and-authentication-part-1\/"},"modified":"2010-05-10T13:19:24","modified_gmt":"2010-05-10T13:19:24","slug":"odata-and-authentication-part-1","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/odata\/odata-and-authentication-part-1\/","title":{"rendered":"OData and Authentication \u2013 Part 1"},"content":{"rendered":"<p>Here on the Data Services team we hear many people ask about authentication. Questions like:<\/p>\n<ul>\n<li>How do you \u2018tunnel\u2019 authentication over the OData protocol? <\/li>\n<li>What hooks should I use in the WCF Data Services client and server libraries? <\/li>\n<\/ul>\n<p>The answer to these questions, depends a lot upon scenario, in fact each authentication scenario presents unique challenges:<\/p>\n<ul>\n<li>How does an OData Consumer logon to an OData Producer? <\/li>\n<li>How does a WCF Data Service impersonate the OData Consumer so database queries run under context of the consumer? <\/li>\n<li>How do you integrate an OData Consumer connecting with an <a href=\"https:\/\/en.wikipedia.org\/wiki\/OAuth\">OAuth<\/a> aware OData Producer? <\/li>\n<li>How do you federate a corporate domain with an OData Producer hosted in the cloud, so apps running under a corporate account can access the OData Producer seamlessly? <\/li>\n<\/ul>\n<p>As you can see lots of questions.<\/p>\n<p>And there is a real risk that people will get their answer wrong. <\/p>\n<h3>How we plan to help<\/h3>\n<p>So over the next month or so we \u2013 the Data Services team &#8211; are going to write a series of blog posts detailing our findings as we investigate common OData Authentication scenarios.<\/p>\n<p>It\u2019s hard to know exactly where this series will take us, because that will probably evolve as we explorer the space. We\u2019ll learn as we go \u2013 and hopefully you will too \u2013 as we document the key distinctions and lessons that we learn along the way.<\/p>\n<p>And then finally when we are done we will publish a whitepaper (or three) summarizing our findings and recommendations.<\/p>\n<p>So stay tuned\u2026<\/p>\n<p>Oh and please let us know if you have any Auth scenarios you want us to explore.    <\/p>\n<p><a href=\"https:\/\/twitter.com\/adjames\">Alex James<\/a>     <br \/>Program Manager     <br \/>Data Services Team     <br \/>Microsoft.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here on the Data Services team we hear many people ask about authentication. Questions like: How do you \u2018tunnel\u2019 authentication over the OData protocol? What hooks should I use in the WCF Data Services client and server libraries? The answer to these questions, depends a lot upon scenario, in fact each authentication scenario presents unique [&hellip;]<\/p>\n","protected":false},"author":512,"featured_media":3253,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[15,48],"class_list":["post-1303","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-odata","tag-authentication","tag-odata"],"acf":[],"blog_post_summary":"<p>Here on the Data Services team we hear many people ask about authentication. Questions like: How do you \u2018tunnel\u2019 authentication over the OData protocol? What hooks should I use in the WCF Data Services client and server libraries? The answer to these questions, depends a lot upon scenario, in fact each authentication scenario presents unique [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/posts\/1303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/users\/512"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/comments?post=1303"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/posts\/1303\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/media\/3253"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/media?parent=1303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/categories?post=1303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/odata\/wp-json\/wp\/v2\/tags?post=1303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}