I have some code that makes a call to a third party web service that is secured using X.509 certification.
NET Identity 2.1 users table (Asp Net Users) comes by default with a Boolean column named “Email Confirmed”, this column is used to flag if the email provided by the registered user is valid and belongs to this user in other words that user can access the email provided and he is not impersonating another identity.
So our membership system should not allow users without valid email address to log into the system.
The Client Id is a unique public information which identifies your application among other apps using the same back-end API.
The client id can be included in the source code of your application, but the client secret must stay confidential so in case we are building Java Script apps there is no need to include the secret in the source code because there is no straight way to keep this secret confidential on Java Script application.
To do so we need to add a service which is responsible to send emails to users, in my case I’ll use Send Grid which is service provider for sending emails, but you can use any other service provider or your exchange change server to do this.