This demo is an out-of-the-box MVC5 application with the following additions:

1) the project settings contains a range of values that need to be set up.
These are all available from the API Manager Management portal under Security.
Set up delegation and access to the REST API.

The delegation address endpoint will be the address of your azure webservice + "ApimDelegation".
Note that SSL is enabled for Azure sites if accessed through the default domain name.

URLs should end in a "/" character.

2) Global.asax has code added to copy most of these settings to the APIMHandler class.

3) The APIMHandler class at the root performs the interactions wit the REST API, and does things like adding new users, getting single sign on ids and adding and cancelling subscriptions.

4) The standard AccountController class in the Controllers directory has been modified to register a log in with the Developer portal, and to create default subscriptions on registration.
Look at methods:
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)

and

public async Task<ActionResult> Register(RegisterViewModel model)

in addition a private method private async Task ProvisionUser(string userId)
has been added that subscribes a new user to products that don't need authorisation. You'll want something else here.

5) the RegisterViewModel class in Models/AccountViewModels.cs has had first and last name entries added because these are needed by the Developer portal.

6) An ApimDelegationController class has been added in the controllers directory.
This has a single method acting as the landing point for delegation requests.
Note that this does not check the salt and sig parameters, since there seems to be a current bug in the documentation and it's not clear which parameters to encode in which combination.

7) A BillingController class has been added to simulate billing. it has just an index method.

8) Finally a series of views have been modified or added to.
Register.cshtml has had new controls added and index views for the new controllers have been added.

There are manifold improvements that can be made to this example - for instance email validation, or two factor validation. The initial purpose is to get you started with using API Manager for more sophisticated web services.

This demo is designed to work only within Azure, and you will need to set up your own database for registration purposes, which is largely automatic with MVC 5.

Last edited Oct 24, 2014 at 10:50 AM by ConceptStrings, version 2