![]() ![]() I already read the articles on Microsoft Docs but did not fully understand everything. ![]() The roles should be configured in the AD to specify who has access to the web API and may call certain endpoints. So there are no tables for saving users, roles or anything else. We do not want to save any information about the user in the web API longer than the session exists. When the users opens the web application in a browser we want to authenticate the user against an on-premise AD using Single-Sign On (SSO) via the web API. Web Application and Web API are hosted via IIS on the same server so we implemented CORS policies. We have a Web Application (Vue3/Typescript) which gets its data from a web API (asp.net core). I am pretty new in authentication with asp.Net and although a searched the web for the last couple of days I feel like running in circles and am still not able to find a point to start from.
0 Comments
Leave a Reply. |