2021-08-31

How to secure web api to validate openid token generated by Client application?

OpenID Connect configuration in the Startup.cs file of the client app:

    services.AddAuthentication(options =>
        {
            // Cookies hold the local session; OpenID Connect handles the challenge.
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        })
        .AddCookie()
        .AddOpenIdConnect(options =>
        {
            options.ClientId = azureAdConfig.ClientId;
            options.ClientSecret = azureAdConfig.ClientSecret;
            // The authority is the tenant-specific Azure AD endpoint.
            options.Authority = string.Format("https://login.microsoftonline.com/{0}", azureAdConfig.Tenant);
            options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
            options.Resource = azureAdConfig.ResourceURI_Graph;
            options.Events = new AuthEvents(azureAdConfig, connectionStringsConfig);
        });

I want to pass the token to web api.

But how do I secure the web API and validate the token in the API project?
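
An added example, not part of the original question: one way the API project can validate incoming bearer tokens against the same Azure AD tenant using the ASP.NET Core JWT bearer handler. The `Tenant` and `ApiAudience` values are placeholders, and it assumes the client requests an access token whose audience is this API; a token requested for the Graph resource, as in the client configuration above, would be rejected by the audience check.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    // Placeholders (assumptions): replace with the tenant and the API's own App ID URI or client ID.
    private const string Tenant = "<tenant-id>";
    private const string ApiAudience = "<api-app-id-uri>";

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // Signing keys and the expected issuer are loaded from the
                // tenant's OpenID Connect discovery document.
                options.Authority = $"https://login.microsoftonline.com/{Tenant}";

                // Only accept tokens issued for this API, not for other resources.
                options.Audience = ApiAudience;

                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidateAudience = true,
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true
                };
            });

        services.AddControllers();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();   // must run before UseAuthorization
        app.UseAuthorization();

        // Require an authenticated caller on every controller endpoint by default.
        app.UseEndpoints(endpoints => endpoints.MapControllers().RequireAuthorization());
    }
}
```

The client then sends the access token in the `Authorization: Bearer <token>` header of each request to the API.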



from Recent Questions - Stack Overflow https://ift.tt/3mHNXcw