0

We have 2 web applications on Angular (FE_1, FE_2) and 3 API applications on .NET Core (see picture) Need to login at once time from one site and working between two without any additional authorization processes I mean, when we log in to site1 and receive token #1, I want this token to work with API_2 as well, and vice versa, when we log in to site2 and receive token #2, I want to use this token to work as well with API_1

Picture

So my question is how to properly configure applications in Azure and configure them internally based on the described architecture ?

Improve this question
1

1 Answer 1

Reset to default
0

Thankyou Manish. Posting your suggestion as an answer to help the other community members.

from the provided architecture in BE code add the list of valid audiences as per the below image make it to true

enter image description here

Below is the sample code where you can check the valid audience code.

services.AddAuthentication(cfg =>
{
    cfg.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    cfg.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(opt =>
{
    opt.Authority = "https://login.microsoftonline.com/common";
    opt.Audience = "api://A134d6c8-8078-2924-9e90-98cef862eb9a"; // Set this to the App ID URL for the web API, which you created when you registered the web API with Azure AD.

    opt.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true, 
        ValidateAudience = true, 
        ValidAudiences = new List<String>
        {
            // you could add a list of valid audiences
            "A134d6c8-8078-2924-9e90-98cef862eb9a"
        }, 
        ValidIssuers = new List<string>
        {
            // Add tenant id after https://sts.windows.net/
            "https://sts.windows.net/{YourTenantId}"
        }
    };
    opt.Events = new JwtBearerEvents()
    {
        OnAuthenticationFailed = AuthenticationFailed
    };
});

For complete information check the SO.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.