OpenIdDict + multiple clients and permissions?

W

west012018-10-02 19:03:47

Angular

west01, 2018-10-02 19:03:47

Hello, help me understand.
I am writing an ASPNET CORE + Angular application.
Authorization is implemented using OpenIdDict, everything works.
But there was a need to "move" users to a separate server.
Since, in the future, authorization is planned, both through the site and through the mobile application.
And here I don’t quite understand how access rights will be checked ..
Fontend (angular) " client 1 " is authorized (login, password) on the " authentication server ", receives a token.
After the fontend " client 1 " accesses the controller of its backend, which, for example, [Authorize(Roles="Consumer")]
How does the backend "", validate the token?
I would be very grateful for the " client 1 " backend configuration code

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

B

basrach, 2018-10-06
@basrach

In fact, you just need to take and configure a ready-made solution for SSO. Take a look at IdentityServer for example, it's relatively easy to install and configure. In your case, you just need to add the necessary middleware to the asp.net core pipeline.