1

I recently took over a .NET core MVC project and have to extend it with an API. For authentication .NET core Identity is used. Coming from swift iOS/Mac development i started a demo project getting into it and doing some basic authentication.

When reading up on the identity on Microsofts Docs they foucs on WebApps. So my questions are:

  • Should i use identity for API authentication or is it just for internal identity Management and WebApp stuff?
  • Does identity/.NET core already offer me jwt and e.g. basic auth to initially obtain the jwt or do i have to create a lot myself?

My Goal rn is to just create jwt-auth protected routes and to be able to get a jwt with a username and a password.

Improve this question
1
  • use identity server 4 Commented Jun 25, 2020 at 11:08

2 Answers 2

Reset to default
2

ASP.NET Core Identity isn't suitable for guarding APIs, usage of other identity providers is directed by the Docs:

ASP.NET Core Identity adds user interface (UI) login functionality to ASP.NET Core web apps. To secure web APIs and SPAs, use one of the following:

  • Azure Active Directory
  • Azure Active Directory B2C (Azure AD B2C)
  • IdentityServer4

and as per the previous link:

IdentityServer4 is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core. IdentityServer4 enables the following security features:

  • Authentication as a Service (AaaS)
  • Single sign-on/off (SSO) over multiple application types
  • Access control for APIs
  • Federation Gateway

So you will need to go with IdentityServer4

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks, that's what i was looking for.
1

You should use identity server4 for this.

Refer a simple example of identity server 4 to protect client with token.

identity-server4 simple example

There are a lot more things you will have to understand refer identity server 4 official doc.

Moreover you can also follow step by step identity server setup video tutorial.

Improve this answer

1 Comment

youtube.com/playlist?list=PLOeFnOV9YBa7dnrjpOG6lMpcyd7Wn7E8V ..you can refer this also ..step by step setup

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.