Next, retrieve the authentication metadata document from the Exchange server and validate the signature attached to the identity token.
Finally, compute a unique identifier for the user by hashing the user's Exchange ID with the URL of the authentication metadata document.
Overall the process may seem complex, but each individual step is quite simple.
You can download the solution that contains these examples from the web at Outlook-Add-in-Java Script-Validate Identity Token.
Your Outlook add-in can send you an identity token, but before you trust the request you must validate the token to ensure that it came from the Exchange server that you expect.
The examples in this article show you how to validate the Exchange identity token using a validation object written in C#; however, you can use any programming language to do the validation.
First, extract the JSON Web Token (JWT) from a base64 URL-encoded string.
Second, make sure that the token is well-formed, that it is for your Outlook add-in, that it has not expired, and that you can extract a valid URL for the authentication metadata document.
We suggest that you use a four-step process to validate the identity token and obtain the user's unique identifier.
The new security feature design for MVC 5 is based on OWIN authentication middleware.
The benefit for it is that security feature can be shared by other components that can be hosted on OWIN.
This investigation served as a comparison to past investigations on ethnic identity in populations of African descent.
The results of this study indicated that the structure of the MEIM is consistent in this population.