Owin WebApi 2 - Decrypting OAuth Key on a Standalone Platform

We have a WebAPI 2 project that uses an OAuth2 provider in OWIN / Katana.

Is it possible to provide a token that is generated on a different platform that does not run the same API so that they can decrypt the token and retrieve the claim? Obviously, machine keys must be synchronized; but does anyone have any experience?

I'm not selling 100% on this yet, as I am firmly convinced that I have one authorization server, however, feedback is welcome and is it really a bug or not.



source to share

1 answer

It seems that the tumbleweed spoke :)



All Articles