Good document/tutorial for Api authentication (with reactjs)

Question

I understanding Reactjs and asp net core pretty good
I have create a simple web site with route, search, create, delete and update features with react as a front-end framework.
the only thing that is left is to build a good authentication/authorization system
were users can register, login and see there personal data.

I have tried to follow authentication from youtube videos.
but they are either outdated or not very clear.

I have created a authentication and authorization with razorpages before
So I do have some experience with it. but i dont have any experionce with api authentication
were can I find a good trusted document tutorial were I can read and learn everything on how to create a good authentication/authorization system

Answer 1

You asked a similar question recently. Typically, remote Web API services are secured by a token. It's the same concept as authorization in Razor Pages. The client gets a token from an authentication service by passing a username and password. The client sends this token to gain access to secured resources.

I recommend going through the IdentityServer4 quick start docs. IdentityServer4 is a feature rich and configurable OAuth/OIDC token server. The quick start illustrates how to secure Web API and configure different types of clients including JavaScript. Read the big picture doc first. It explains the security problem OAuth/OIDC IdentityServer4 solves.

ASP.NET Core comes with JWT support if you want to roll your own API authorization logic. There are a lot of easily found blogs, tutorials, and forum posts. on this subject.

The community has no idea what is not clear to you and what you consider outdated. You need to be a bit more specific if there is something you do not understand. Explain your design goals. Provide code samples that illustrate what you are trying to do.