0
When logging in through my front-end layer, a request is sent to my authentication server which in turn returns a Bearer Token that may be saved to a cookie, for example. No doubt about it!
My problem is that my front layer requests to N other Apis and I need to be authenticated in all of them, since I can’t clear routes to receive requests without being authenticated.
How should I plan authentication?
0
You must use the same Machine Key in all API’s
in the Web.config API where you generate the token has a line stating this:
<system.web>
<machineKey
validationKey="80F23AB9386C5D204479.............." decryptionKey="5E26E9609FF8636A584A2C34671E..........."
validation="SHA1" decryption="AES" />
</system.web>
You use this same "Machinekey" key in the other API’s that they will share the same token.
Browser other questions tagged asp.net api asp.net-web-api authentication oauth2
You are not signed in. Login or sign up in order to post.