We would like to use DNNs authentication from an external WebAPI so that we can use Basic Validation in the WebAPI and then validate username and password against users and roles defined in the DNN portal?

Yes, I know that DNN has it's own WebAPI (Service Framework) but it sometimes causes problems compared to standard WebAPI, like if you want to use something like Swagger etc.

What would be the best way to achieve this in DNN8?

We tried to just put the connectionstring in our web.config and the reference the DotNetNuke DLLs in our WebAPI but when we try something like this:

AspNetMembershipProvider theMembershipProvider = new AspNetMembershipProvider();
UserInfo theUserInfo = theMembershipProvider.GetUserByUserName(Null.NullInteger, "lendo");


It will fail when the GetUserByUserName tries to run the cached stuff because of this:

public override UserInfo GetUserByUserName(int portalId, string username)
{
var objUserInfo = CBO.GetCachedObject(
new CacheItemArgs(string.Format(DataCache.UserCacheKey, portalId, username),
DataCache.UserCacheTimeOut, DataCache.UserCachePriority),
_ =>
{
using (var dr = _dataProvider.GetUserByUsername(portalId, username))
{
return FillUserInfo(portalId, dr, true);
}
});
return objUserInfo;
}

I guess it all comes down to calling the ValidateUser() function in DNN. However, that seem to assume that it is running in a DNN context and crashes on GetEffectivePortalId() even if you send in a correct Portal Id. Surely there must be a simple way to verify a username and password against the default DNN Authentication from an external application??

Thank you for the suggestion Barry. In this case, I beleive that is perhaps a bit beyond the scope we are trying to solve. That said, one idea I've considered ia inplementing a DNN WebAPI exposing a method to do this. That would then run within the DNN context and should work. That said, I'm really surprised if that would really be needed for something as basic as this in a mature platform as DNN?