For my company, I have to make a POC to check if we can use WS-Federation authentication for our project, which has an MVC app, some Web API controllers, and some SignalR hubs, all in different projects. We'd also like to use the OWIN authentication middleware in both the client apps and the identity provider app.
I use Thinktecture Identity Server v2 as the identity provider for a start (but we'll have to develop our own at some point). For the MVC app, it's pretty straightforward and it works fine, using a SAML2 token.
But now things get a bit more complicated, as I'd like an authenticated user on the web app to be able to call a controller method from the Web API app (which is different from the MVC one, remember), using AJAX calls.
I've read many things about delegation and ActAs tokens, but I'm a bit lost and don't know where or how to start this part. Also, I can't find anything about delegation using OWIN authentication.
So my first question is: is it possible to achieve this? And then: could someone point me in the right direction?