I have a web application that I would like to use authenticate using MembershipReboot for a subset of users but internally I would also like to use Active Directory.
What's the best practice of authenticating a single web application with two different authentication models? Any code samples would be great.
For this scenario you'll need a
UserServicefor Membership Reboot. This will mean when users log in to Identity Server using the local username & password fields they will use Membership Reebot. You can find thisUserServicehere.To also use Active Directory you need to configure it as an external identity provider. This will then provide users with the option to log in using their AD credentials.
If you want to specify in your requests which provider to log the user into, check out the
acr_valuesparameter of the Authorization endpoint or theIdentityProviderRestrictionsproperty of the Client class.