Token store a set of data in (local

Token store a set of data in (local/session storage or cookies), these could be stored in server or client side, the token itself is represented in hash of the cookie or session.

In token based authentication, when a request comes, it should have the token with it, the server first will authenticate the attached token with the request, then it will search for the associated cookie for it and bring the information needed from that cookie.

reate an empty web application project (C#) and install the below nuget packages:

In the owin start up class, first we will initial web API routes:

Then we will use owin cookie authentication, which will store the cookie and generate the token for us:

and the last line to use web API within owin and register the configuration variable:

Till here, we have a web API application with registered routes and cookie authentication, but we do not have any controller to generate that token, so let's create a new web API controller with login method:

irst, we have created a claim and give that claims a name and id, which may be the user name and the user id.

You can register claims as much as you want. So you could put all user permisions here (as a replacement of roles), or you can put all user information you need like email address, phone… you may use any time in your application, cause claims will be easy to reach and access.

After that we registered our claims list to claims identity, which is the user identity that will store his claims.

In the last three lines, we get the owin context and sign in while passing the claims identity to it. Here owin will store our claims in a cookie and generate a token for that cookie, and the token will be returned in the request body.

At the end, when you request the login method, in the request body, you have something like the below line:

And this is the token hash.

In any request to your web API, now you should send this token in your header to be authenticated in web API.

Thanks for reading this tip.