Authentication and Authorization in ASP.NET Core

One thing that really got me frustrated in WebAPI 2.0 was creating custom authentication. Eventually I found a blog post by Rick Strahl that showed how to roll your own authentication/authorization. I wanted to implement a login (Basic Authentication) with username/password that would return a token for later (Bearer Authorization) use. It was quite simple but really frustrating because there wasn’t a whole lot of documentation on the subject.

Now I want to do something similar for ASP.NET Core. But there wasn’t any documentation on that either. For ASP.NET Core I wanted to implement an OAuth 2.0 with a custom provider. But there isn’t any documentation on the subject. I’ve struggling to find a solution to it I ran across a couple of Stack Overflow.

The first one that I found really easy to follow is here The second one is here

Both of them together give a good overview of how one can create custom authentication/authorization. One thing to note is that a Claim can have the first parameter be a simple string.