Integrate
How to make your application talk to Modgud. Start with the walkthrough that matches your scenario, then dive into the protocol-specific pages.
Walkthroughs
- Resource server (.NET) — the most common Cocoar scenario: protect an ASP.NET Core API with Modgud-issued tokens via the
Modgud.Client.AspNetCoreNuGet package. - SaaS app walkthrough — full user-facing-app integration: client registration, login redirect, resource_access claims, role-based gating.
Protocol pages
- OAuth / OpenIddict — supported grant types, scopes, the discovery document, JWT vs reference tokens.
- Login providers (OIDC federation) — federate external IdPs (Entra ID, Google, Okta, any OIDC source) so users sign in with their existing accounts.
- Login flows — the on-wire shape of every supported user-facing flow.
- 2FA (TOTP, Email, Passkey) — enrolling and enforcing second-factor authentication.
Cookie / session integration
- Cookies & sessions — when to use the cookie-session pattern instead of OAuth (typically: internal SPAs on the same domain as the IdP).
Background work
- Scheduling (Quartz) — registering background jobs that operate against Modgud data.