
Authenticated REST API for a mobile app and website on ASP.NET Core

I want to build a REST API, to be hosted on Azure, built from the "ASP.NET Core Web Application (.NET Framework)" template that stores the identities in EF.

I want to avoid having Views etc as it clutters the codebase.

It should then be callable as described in this article (TL;DR: header authentication and POST to a /token endpoint and controllers with [Authorize]) https://blogs.msdn.microsoft.com/martinkearn/2015/03/25/securing-and-securely-calling-web-api-and-authorize/

However, I fail to find how to get to the /token endpoint in ASP.NET Core. I'm reading a bunch of stuff on JWT, Bearer, OWin, ..., and that Basic Auth is bad, but am lost on how to proceed.

The API would be used by a website and mobile apps.

What do I need and what steps do I need to take to get a "hello world" up and running?

Also, why am I seemingly the only one with this architecture?

Wouter Van Ranst asked Oct 23 '25 06:10


1 Answer

There isn't a token endpoint in ASP.NET Core.

You can build a custom middleware, as explained in this article: ASP.NET Core Token Authentication Guide. Or you can use an external package:

  • IdentityServer4
  • AspNet.Security.OpenIdConnect.Server
  • OpenIddict

For the last, I suggest this article: Bearer Token Authentication in ASP.NET Core

If you are interested in an Angular 2 SPA with ASP.NET Core Web API that uses token authentication (through IdentityServer4), take a look at this repository: https://github.com/robisim74/Angular2SPAWebAPI (disclaimer, it's mine).

robisim74 answered Oct 26 '25 02:10
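An added example, not taken from the answer or the articles it links: a sketch of the "custom middleware" option that serves `POST /token` and returns a signed JWT for a valid ASP.NET Core Identity user. The class name `TokenEndpointMiddleware`, the form field names, and the issuer and audience strings are assumptions made for illustration.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.IdentityModel.Tokens;

// Hypothetical middleware: answers POST /token, passes every other request on.
public class TokenEndpointMiddleware<TUser> where TUser : class
{
    private readonly RequestDelegate _next;
    private readonly SigningCredentials _signing;

    // signingKey is assumed to be loaded from configuration or a secret store
    // (at least 256 bits of random data), never hard-coded in source.
    public TokenEndpointMiddleware(RequestDelegate next, SymmetricSecurityKey signingKey)
    {
        _next = next;
        _signing = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
    }

    // UserManager is a scoped service, so it is injected per request here.
    public async Task Invoke(HttpContext context, UserManager<TUser> users)
    {
        if (!context.Request.Path.Equals("/token", StringComparison.OrdinalIgnoreCase))
        { await _next(context); return; }
        if (context.Request.Method != "POST" || !context.Request.HasFormContentType)
        { context.Response.StatusCode = 400; return; }

        var form = await context.Request.ReadFormAsync();
        string name = form["username"], password = form["password"];
        TUser user = string.IsNullOrEmpty(name) ? null : await users.FindByNameAsync(name);
        context.Response.ContentType = "application/json";
        // Same answer for an unknown user and a wrong password, so the
        // endpoint does not reveal which accounts exist.
        if (user == null || string.IsNullOrEmpty(password)
            || !await users.CheckPasswordAsync(user, password))
        {
            context.Response.StatusCode = 400;
            await context.Response.WriteAsync("{\"error\":\"invalid_grant\"}");
            return;
        }
        var claims = new[] {
            new Claim(JwtRegisteredClaimNames.Sub, await users.GetUserIdAsync(user)),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) };
        // Short lifetime: a leaked bearer token is usable by anyone until it expires.
        var jwt = new JwtSecurityToken("example-issuer", "example-audience", claims,
            DateTime.UtcNow, DateTime.UtcNow.AddMinutes(15), _signing);
        var token = new JwtSecurityTokenHandler().WriteToken(jwt);
        await context.Response.WriteAsync("{\"access_token\":\"" + token
            + "\",\"token_type\":\"Bearer\",\"expires_in\":900}");
    }
}
```

It would be registered with `app.UseMiddleware<TokenEndpointMiddleware<ApplicationUser>>(key)` ahead of the JWT bearer validation middleware, which must be configured with the same key, issuer and audience, and the endpoint should only be reachable over HTTPS. `CheckPasswordAsync` does not record failed attempts, so lockout or rate limiting has to be added separately.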


