public async Task <IHttpActionResult> Post([FromBody] LoginPoco assertion) { UserAccount user; if ((user = await _authManager.IsValidAssertion(assertion)) == null) { return(Unauthorized()); } var token = await _tokenManager.CreateTokenMSCLient(user); return(Ok(new LoginResult { AuthenticationToken = token, User = new LoginResultUser { UserId = user.UserName } })); }