| title | Integrate |
|---|---|
| description | Hooking your app up to Modgud — as an OAuth client, as a resource server protecting an API, or via cookie sessions for an internal SPA. |
How to make your application talk to Modgud. Start with the walkthrough that matches your scenario, then dive into the protocol-specific pages.
- Resource server (.NET) — the most common
Cocoar scenario: protect an ASP.NET Core API with Modgud-issued
tokens via the
Modgud.Client.AspNetCoreNuGet package. - SaaS app walkthrough — full user-facing-app integration: client registration, login redirect, resource_access claims, role-based gating.
- OAuth / OpenIddict — supported grant types, scopes, the discovery document, JWT vs reference tokens. Browser-only SPAs (Authorization Code + PKCE, no BFF) are supported — register the SPA's origin under the client's Allowed CORS Origins.
- Login providers (OIDC federation) — federate external IdPs (Entra ID, Google, Okta, any OIDC source) so users sign in with their existing accounts.
- Login flows — the on-wire shape of every supported user-facing flow.
- 2FA (TOTP, Email, Passkey) — enrolling and enforcing second-factor authentication.
- Cookies & sessions — when to use the cookie-session pattern instead of OAuth (typically: internal SPAs on the same domain as the IdP).
- Scheduling (Quartz) — registering background jobs that operate against Modgud data.