Our JwtProvider was working fine, but it lacked some quite important features that had to be implemented as well in order to use it in a production-ready application such as the one we're aiming to build. To enable us to do that, we also identified OpenIddict, a viable open-source OAuth2/OpenID Connect provider that leverages ASP.NET Core Identity and ASOS, as a viable alternative, thus giving ourselves the choice between going for it and sticking with our handmade solution.

As soon as we chose our path, we implemented some external OAuth2 authentication providers such as Facebook, Google, and Twitter. The first was also the toughest one, as we needed to create our web API interface and understand how to properly handle the various scenarios ...