Explain ASP.NET Identity

Asp.Net Membership has evolved over the years. Now web is more social. People are using facebook, twitter and other sources. Users are now demanding the way where they can login with the facebook accout, twitter accout or any other social account. The concept of login with username and password that they have registered on your own application has been gone. A modern membership system must enable redirection-based log-ins to authentication providers such as Facebook, Twitter, and others.

Asp.net Identity has developed with following goals:

1. One ASP.NET Identity system

• ASP.NET Identity can be used with all of the ASP.NET frameworks, such as ASP.NET MVC, Web Forms, Web Pages, Web API, and SignalR.

• ASP.NET Identity can be used when you are building web, phone, store, or hybrid applications.

2. Ease of plugging in profile data about the user

• You have control over the schema of user and profile information. For example, you can easily enable the system to store birth dates entered by users when they register an account in your application.

3. Persistence control

• By default, the ASP.NET Identity system stores all the user information in a database. ASP.NET Identity uses Entity Framework Code First to implement all of its persistence mechanism.

• Since you control the database schema, common tasks such as changing table names or changing the data type of primary keys is simple to do.

• It's easy to plug in different storage mechanisms such as SharePoint, Windows Azure Storage Table Service, NoSQL databases, etc., without having to throw System.NotImplementedExceptions exceptions.

4. Unit testability

• ASP.NET Identity makes the web application more unit testable. You can write unit tests for the parts of your application that use ASP.NET Identity.

5. Role provider

• There is a role provider which lets you restrict access to parts of your application by roles. You can easily create roles such as “Admin” and add users to roles.

6. Claims Based

• ASP.NET Identity supports claims-based authentication, where the user’s identity is represented as a set of claims. Claims allow developers to be a lot more expressive in describing a user’s identity than roles allow. Whereas role membership is just a boolean (member or non-member), a claim can include rich information about the user’s identity and membership.

7. Social Login Providers

• You can easily add social log-ins such as Microsoft Account, Facebook, Twitter, Google, and others to your application, and store the user-specific data in your application.

8. Windows Azure Active Directory

• You can also add log-in functionality using Windows Azure Active Directory, and store the user-specific data in your application.

9. OWIN Integration

• ASP.NET authentication is now based on OWIN middleware that can be used on any OWIN-based host. ASP.NET Identity does not have any dependency on System.Web. It is a fully compliant OWIN framework and can be used in any OWIN hosted application.

• ASP.NET Identity uses OWIN Authentication for log-in/log-out of users in the web site. This means that instead of using FormsAuthentication to generate the cookie, the application uses OWIN CookieAuthentication to do that.

10. NuGet package

• ASP.NET Identity is redistributed as a NuGet package which is installed in the ASP.NET MVC, Web Forms and Web API templates that ship with Visual Studio 2013. You can download this NuGet package from the NuGet gallery.

• Releasing ASP.NET Identity as a NuGet package makes it easier for the ASP.NET team to iterate on new features and bug fixes, and deliver these to developers in an agile manner.