Topic: ASP.NET Core Identity Project Frontend vs API Backend
I am building a asp.net core application. I have a backend API (asp.net core mvc api) that separates data / database connections and standard objects (standard.net) and a web frontend project that uses asp.net core mvc with identity. I've seen examples that separates the identity user auth on the frontend and uses certs and other methods for securing the backend. My goal is to keep them isolated for security, however if I use identity on the frontend it will require access to a database which seems to negate my desire to keep the database connection isolated to the API. I'm wondering how others handle this...do you just setup a 2nd DB that holds identity information, implement identity on the API and expose it on the UI (would be different than the examples I've seen) or something else?
My solution is hosted in Azure if that helps. I plan on having an app in the future that would also require authentication and leverage the API. I'm also using .NET 5.
Would love to hear everyone's thoughts on the architecture. I've seen multiple strategies but don't seem to be anything pointing to one being better than the others. My hope/thought is to keep my API available to multiple clients but isolated to specific functions through separate controllers and DB connection further isolated to API.