User authentication is a critical point in most, if not all, applications nowadays. This paper presents the design and implementation of an authentication system. The presented authentication methods and architecture focus on both security and user experience, since both are crucial for such systems. The finished project can communicate with external identity handler systems and can authenticate users contained in those systems. The implemented system uses JSON Web Tokens for user authentication and can also provide a Single Sign-On solution.
This document guides the reader from the basics to the high-level solutions. I implemented one solution that makes the system itself responsible for handling tokens safely, and another that gives that responsibility to an external service. For the latter, the paper covers the implementation steps and the steps needed to make sure the external service can be trusted. The developed architecture is implemented with ASP.NET and the C# language.