Topic:   ASP.NET Core Identity Project Frontend vs API Backend
Feb 18, 2021 11:31 1 Replies 33 Views TEJA

I am building a asp.net core application. I have a backend API (asp.net core mvc api) that separates data / database connections and standard objects (standard.net) and a web frontend project that uses asp.net core mvc with identity. I've seen examples that separates the identity user auth on the frontend and uses certs and other methods for securing the backend. My goal is to keep them isolated for security, however if I use identity on the frontend it will require access to a database which seems to negate my desire to keep the database connection isolated to the API. I'm wondering how others handle this...do you just setup a 2nd DB that holds identity information, implement identity on the API and expose it on the UI (would be different than the examples I've seen) or something else?

My solution is hosted in Azure if that helps. I plan on having an app in the future that would also require authentication and leverage the API. I'm also using .NET 5.

Would love to hear everyone's thoughts on the architecture. I've seen multiple strategies but don't seem to be anything pointing to one being better than the others. My hope/thought is to keep my API available to multiple clients but isolated to specific functions through separate controllers and DB connection further isolated to API.

Prev Next
Topic Replies (1)
  1. 1
    idnkx user

    PARTH

    I would use SSL for the Identity WebApi. WebApi's purpose is to work with different clients using Rest. So mobile clients should have no problems.

Leave a Reply
Guest User

Not sure what course is right for you?

Choose the right course for you.
Get the help of our experts and find a course that best suits your needs.


Let`s Connect