-
-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature request: Provide a tutorial when protecting API resource #16
Comments
I succeeded to make it worked thanks to the below code. On the Proxy API that forward calls:
On a backend API:
I can provide a full working example if you want to. |
Hey @kjbtech for the Backend API it would be cool to see how it works. |
hi @kjbtech can you check the new Blazor WASM sample? the readme includes the sample for fetching JWT for API resources. |
Hi @gao-sun , |
Hi @gao-sun, Your samples shows more how to use LogTo in the front-end directly. |
Hey @gao-sun, It covers a working example with the wasm sample that you provided. |
What problem did you meet?
In my case, I have a kind of SPA that calls a Proxy API that redirect calls on backends APIs.
SPA need to auhenticate itself on the Proxy API. That works fine.
Then, the proxy API forwards HTTP calls to APIs that he protects.
In that matters, Proxy API wants to use the token that authenticate SPA, and forward it to the backends API.
To do so, regarding the fact that the example use Cookies to store the issued token, when forwarding, I have to get the access token for resources.
You have a tutorial part about API protecting (see https://github.com/logto-io/csharp/blob/master/src/Logto.AspNetCore.Authentication/docs/tutorial.md#api-resources).
However, I do not understand how it could work (maybe because I'm not an expert at OIDC).
Describe what you'd like Logto to have
A working example or an explanation on what I had wrong.
The text was updated successfully, but these errors were encountered: