http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/
I have look around for this kind of tutorial.
most of them use oauth 2.0 "Resource Owner Password Credentials Grant" to implement token based.
I face a problem with external login. Because "Password Credentials Grant" using a username and password to login, but if i want to let user login through their facebook account, i won't able to have a username and password.
is it authorization code grant type is the only way ?
any idea ?