We have a site with autentication via a thid party single sign on service. We use Owin and WSFederation for users and administrators to logon to the web page.
At this point we need to add the service API and we would like to use a static username and password process for the Service API. Is it possible to configure the service API to use a different autentication provider?
If you take a look at EPiServer.ServiceApi.IntegrationInitialization module there is an Owin startup class that is executed by default. You can have your own startup as well as described here: http://world.episerver.com/documentation/Items/EPiServer-Service-API/Configuration-and-overview/Setting-up-EPiServerServiceApi/
You will not be able to call base Service Api setup code as authentication filter is registered there. You may need to setup Service Api yourself and also add your implementation of System.Web.Http.Filters.IAuthenticationFilter.
This is something I have on the backlog to be able to change this. Right now it is tied to Membership and would like to the ability to be able to use idenity
Would be great if you could open up integration and for instance provice a callback, delegate or anything else that framework will call when making Service API registration. This would allow us to inject and *configure* necessary authentication mehanisms and providers for the site.
Yeah the thought wsa to atleast to change the provider for the OAuthAuthorizationServerOptions. Dont know yet if we should allow to change the whole Auhtorization scheme since itself if that was what you were referring to.