This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 31%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJA%3C/text%3E%3C/svg%3E)
Hi,
How does Token Authentication if I want to have my own Xamarin Auth app, similar to Microsoft Auth, Authy, etc?
Where can I find more resources?
is there a standard API calls for it? because it seems that you can add any app on Authy for example and it will automatically work.
Kindly advise.
Thanks,
Jassim
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 87%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Hi, assimAlRahma-9056. Try using WebAuthenticator class to add user authentication. The WebAuthenticator class supports to use your own web service for authentication. For more details, please refer to this doc: https://learn.microsoft.com/en-us/xamarin/essentials/web-authenticator?tabs=android
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
tokens are passed with the Authorization http header
Authorization: Bearer <token value>
the server should verify the token is valid typically with some encrypted known value.
typically you supply an api to generate a token. a internet standard for the api is oauth:
a common bearer token format is jwt:
but how do you add the services? for example, if you use Authy, all you need is to scan the QR code, same process for all apps, and then it will be just added.. similarly, you can add the service to the Microsoft Auth app...
for example in below image its asking for the key? How can I generate and read the key for my app? and is it unique?
The key is generated by the web server, scanning the qr code is just to get the saved info of qr code. The key works like an id created by the server, the id is unique.
but that does mean I can generate any key and let Authy scan it or there is a standard way of generating the key?
The key is the created by the web server, and you can determine how to generate the key.