Where to create new users when using IdentityServer4?

B

babaevmm2022-02-14 16:02:56

ASP.NET

babaevmm, 2022-02-14 16:02:56

I am developing a system on Net Core 5. It is supposed to be a "web face" on ASP Net MVC and several Web APIs. Corporate system: user creation is possible only by admins, i.e. there will be no self-registration by the user. It is also planned to allocate access to the API to third-party systems. It was decided to use IdentityServer for authentication and authorization. I looked at several examples and lessons on IdentityServer, but they do not differ much from the main examples of identityserver4 itself. There may even be a question about the concept of OpenId. I understand that when I want to access a resource, I am thrown to the page for entering the login and password of the IdentitySever itself (I have implemented it as a separate subproject), then after successful authentication, we go to the requested page of the main site.
Of course, I suspect that this should be done by the main MVC project and not by the Identity server, but how then is information transmitted to the authentication server?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Victor P., 2022-02-26
@Jeer

Hi,
Role-Based Authorization allows you to delimit functionality. That is, you can make one site, who will have user management roles, will see the item in the menu and the page itself.
It is easier for the development and development of the system to separate the client part and the admin panel, if they do not intersect - two web muzzles.
Also, if third parties will use the APIs, look at other authentication methods, for example, read about JWT tokens