External API access #651
Replies: 3 comments
-
You can have the [AllowAnonymous] attribute, similar to the UsersController.cs "self-register" API, and validate internally.
-
Would it be possible to use the JWT tokens for individual login as is now and then register an external service on Azure, i.e. something like client credentials flow, which would then access the API with an access token given from Microsoft Identity?
-
If anyone's wondering, I made a working example with my own repo. I followed this tutorial
And for the authorization to be able to differentiate between the two types, I had to specify the AuthenticationScheme in the Authorize attribute like this:
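The two-scheme setup discussed in the replies above, as an added example that is not the commenter's code or the project's own: one JWT bearer scheme for tokens the application issues to its users, and a second for client-credentials tokens from the Microsoft identity platform. The scheme names, policy name, app role value `Brands.Read`, route and configuration keys are assumptions chosen for illustration.

```csharp
// Added illustration: scheme names, policy name, role value and config keys are assumptions.
using System.Text;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);
var cfg = builder.Configuration;

builder.Services.AddAuthentication("UserJwt")
    // Scheme 1: tokens the application itself issues to an ApplicationUser at login.
    .AddJwtBearer("UserJwt", o => o.TokenValidationParameters = new TokenValidationParameters
    {
        ValidIssuer = cfg["Jwt:Issuer"],
        ValidAudience = cfg["Jwt:Audience"],
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(cfg["Jwt:Key"]!))
    })
    // Scheme 2: tokens issued to a registered service via the client credentials flow.
    .AddJwtBearer("AzureAd", o =>
    {
        o.Authority = $"https://login.microsoftonline.com/{cfg["AzureAd:TenantId"]}/v2.0";
        o.Audience = cfg["AzureAd:Audience"];            // this API's own app registration
        o.MapInboundClaims = false;                      // keep the raw "roles" claim name
        o.TokenValidationParameters.RoleClaimType = "roles"; // app roles granted to the caller
    });

// A service has no ApplicationUser, so its permission comes from an app role in the token.
builder.Services.AddAuthorization(o => o.AddPolicy("ServiceCanReadBrands", p => p
    .AddAuthenticationSchemes("AzureAd")   // only the external-service scheme is evaluated
    .RequireRole("Brands.Read")));

builder.Services.AddControllers();
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();

[ApiController, Route("api/brands")]
public class BrandsController : ControllerBase
{
    // Interactive users: only tokens validated by the application's own scheme are accepted.
    [HttpGet, Authorize(AuthenticationSchemes = "UserJwt")]
    public IActionResult ListForUsers() => Ok();

    // External services: the policy pins the scheme and requires the app role.
    [HttpGet("external"), Authorize(Policy = "ServiceCanReadBrands")]
    public IActionResult ListForServices() => Ok();
}
```

Because each endpoint names its scheme explicitly, a token that validates under one scheme is never accepted on an endpoint reserved for the other.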
-
Hi, I was wondering how this application would work with an external API? I mean, considering the authorization is based on role claims which are coupled to a specific user. User A has role X and Y, and therefore has permission 1 and 2 based on the table Roles, RoleClaims and UserRoles.
But what if you want to give access to an external API that needs access to certain resources, like creating a new Brand or listing all Brands? In this case there wouldn't be an ApplicationUser and therefore the mapping of roles to a user wouldn't make sense, since the external API would use an access token and wouldn't be registered as an ApplicationUser.
In this case it would be more like ExternalAPI A has rights to read brands, and ExternalAPI B has rights to read and write to Brands, but there is no ApplicationUser.
Or am I missing something?