Here on the Data Services team we hear many people ask about authentication. Questions like:

• How do you ‘tunnel’ authentication over the OData protocol?
• What hooks should I use in the WCF Data Services client and server libraries?

The answer to these questions, depends a lot upon scenario, in fact each authentication scenario presents unique challenges:

• How does an OData Consumer logon to an OData Producer?
• How does a WCF Data Service impersonate the OData Consumer so database queries run under context of the consumer?
• How do you integrate an OData Consumer connecting with an OAuth aware OData Producer?
• How do you federate a corporate domain with an OData Producer hosted in the cloud, so apps running under a corporate account can access the OData Producer seamlessly?

As you can see lots of questions.

And there is a real risk that people will get their answer wrong.

How we plan to help

So over the next month or so we – the Data Services team - are going to write a series of blog posts detailing our findings as we investigate common OData Authentication scenarios.

It’s hard to know exactly where this series will take us, because that will probably evolve as we explorer the space. We’ll learn as we go – and hopefully you will too – as we document the key distinctions and lessons that we learn along the way.

And then finally when we are done we will publish a whitepaper (or three) summarizing our findings and recommendations.

So stay tuned…

Oh and please let us know if you have any Auth scenarios you want us to explore.

Alex James
Program Manager
Data Services Team
Microsoft.