Oauth 2.0 stream for multiple API authentication using an authentication server

Asked

Viewed 98 times

0

When logging in through my front-end layer, a request is sent to my authentication server which in turn returns a Bearer Token that may be saved to a cookie, for example. No doubt about it!

My problem is that my front layer requests to N other Apis and I need to be authenticated in all of them, since I can’t clear routes to receive requests without being authenticated.

How should I plan authentication?

1 answer

0

You must use the same Machine Key in all API’s

in the Web.config API where you generate the token has a line stating this:

<system.web>
<machineKey 

validationKey="80F23AB9386C5D204479.............."              decryptionKey="5E26E9609FF8636A584A2C34671E..........." 
validation="SHA1" decryption="AES" />
</system.web>

You use this same "Machinekey" key in the other API’s that they will share the same token.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.