Welcome to our MCH Login Service Sample Site

Learn about building Web apps with ASP.NET Core.

This sample site contains several examples:

• for registering with our MCH Login services,
• for managing the profile data of the registered user,
• for protecting site content,
• for accessing such protected content,
• for the communication with other sites that are also protected by our MCH Login services,
• for the communication with the ticket shop of our ticket provider, which supports our MCH Login services but not SSO,
• for refreshing the access token at every request

Manage the profile data of the registered user

In /Account/ManageUserProfile registered users can manage their profile data.

We read and write the profile data via the protected ManageUser Rest API of our MCH Login service

Raw profile data of the registered user

In /Home/Protected you can see all the possible profile data with the the data needed to create the profile.

We read and write the profile data via the protected ManageUser Rest API of our MCH Login service

Communication with the ticket shop

In order to transfer the login of the registered user, we append the access token in a redirect to the ticket shop URL.

Due the expiration of the access token, we refresh it at every request. In this way we can ensure that we transmit a valid access token.

Get your profile information depending to the OAuth scope of your OAuth login client

Users who are logged on with the oauth client "MCH.MVP.WebClient" dont have the scope "dz.profile". The request to their profile data will be forwarded by the azure API Management Service to login.mch-group.com