This article looks at the login scenario for both local and social login. Web API uses OAuth2 to authenticate request, but the credential flows are different for local and social plugin.
This article demonstrates a simple app which lets the user login and send authenticated AJAX calls to a web API. The sample app uses Knockout.js for data-binding and jQuery for sending AJAX requests. It will be focusing on the AJAX calls, so you don’t need to know Knockout.js for this article.
The author will guide you through the following:
What the app is doing on the client side.
What is happening on the server.
The HTTP traffic in the middle.
Read the rest of the post here:Â http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api