The following is a walk through of how to deal with authentication using Identity Providers mainly Facebook.
Open https://developers.facebook.com/
Click “Add a New App”
Click “WWW”
Click “Create New Facebook App ID”
Select Category and click “Create App ID”
Go to Visual studio 2013
Create new Project name it and select “ASP.NET Web application”
Set Authentication to “Individual User Accounts” and Click Ok
Build and run your project and copy the local URL go to Facebook Development in your browser where you left off
Paste the url in “Site URL” and “Mobile site URL” in this case localhost:61617 and click next
Refresh the page click Show button near App Secret
Enter your Facebook Password
Go to visual studio
Navigate in solution explorer to App_start/start.auth.cs
Scroll down Facebook boilerplate authentication code. Paste App Id and App Secret and uncomment the three lines
Rebuild the Project and run
Once it opens in the browser click Login
On the left of the page there should be a Facebook button click it
Click okay to authorize
Enter E-mail address to associate with that Facebook account on your application
The e-mail will show every time the user is logged in.
That is how to authenticate a user using Facebook as an Identity Provider. Out of the box.
What’s else can we do with Facebook?
There a lot of things one can do with Facebook by using Facebook SDK the user can authorize your Web Site to access several Scopes. At the least one could skip the last two steps by requesting access to the e-mail and use that programmatically without the user having to type it.
The following is how to incorporate Facebook SDK in your project.
More info at http://www.nuget.org/packages/Facebook/7.0.5-beta
and https://developers.facebook.com/docs/graph-api
The guideline is do not ask for more data than your application really need, because once you lose trust of the users, your web site is dead.