Knippert-7843 asked Bruce-SqlWork answered

Azure AD B2C: from client to server to another server?

I am trying to set up an application consisting of a front-end Next.js (client + server) application with an ASP.NET Core Web API. So there are two servers and one client.

Next.js has a nice library called nextAuth which allows using Azure AD B2C as a provider, see here: **nextAuth Docs**

I have been struggling for a few days to implement authorization as everything is still a bit new to me, so I have a lot of trouble distinguishing what I need and what are details for later.

I simply want to authenticate users on the front-end client and authorize the front-end server and the web api server endpoints.

What would be a proper way to achieve this?

Do you need to implement Azure AD B2C on both the front-end server and web API server?
Do you need to keep Azure AD B2C to only the front-end server and then implement JWT tokens (with JWT AddAuthentication ASP.NET Core) from server to server?
Something else?

I would really appreciate any input!






alfredorevilla-msft answered

Hello @knippert-7843, Next.js Azure Active Directory B2C provider looks great for the React client app. Besides that, you need to add authentication and authorization to your .NET Core API. Take a look at Enable authentication in your own web API by using Azure AD B2C for detailed steps.



Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it so that others in the community with similar questions can more easily find a solution.


Bruce-SqlWork answered

The real question is how you are calling the asp.net core webapi. Is the next.js server calling as a proxy, or do you plan on the react client code calling the api directly?

If you want to call the core webapi directly from the client, then it is more complex. The webapi will have a different scope than the next.js scope. The access token will be different for each site.

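The last answer's point that the access token differs per site can be seen in the checks the API side applies to a bearer token; the sketch below is an added example, not code from the thread or from any Microsoft sample. The audience values, the scope names and the locally generated RSA key pair (standing in for the tenant's signing keys) are constructed assumptions, and issuer validation and key retrieval are left out.

```javascript
const crypto = require("node:crypto");

// Constructed placeholders: real values come from the two B2C app registrations.
const API_AUDIENCE = "api-app-id-placeholder";
const WEB_AUDIENCE = "nextjs-app-id-placeholder";

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Stand-in for the identity provider: signs a constructed RS256 token.
function issueToken(privateKey, claims) {
  const signingInput = `${b64url({ alg: "RS256", typ: "JWT" })}.${b64url(claims)}`;
  const sig = crypto.sign("RSA-SHA256", Buffer.from(signingInput), privateKey);
  return `${signingInput}.${sig.toString("base64url")}`;
}

// Checks the API applies before trusting a bearer token.
function validateForApi(token, publicKey, requiredScope, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) return { ok: false, reason: "malformed" };
  const [h, p, s] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, "base64url").toString());
    claims = JSON.parse(Buffer.from(p, "base64url").toString());
  } catch {
    return { ok: false, reason: "malformed" };
  }
  if (header?.alg !== "RS256") return { ok: false, reason: "alg" };
  const sigOk = crypto.verify("RSA-SHA256", Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, "base64url"));
  if (!sigOk) return { ok: false, reason: "signature" };
  if (typeof claims?.exp !== "number" || claims.exp <= now) return { ok: false, reason: "expired" };
  // A token minted for the Next.js app carries that app's audience, not the API's.
  if (claims.aud !== API_AUDIENCE) return { ok: false, reason: "audience" };
  const scopes = String(claims.scp || "").split(" ");
  if (!scopes.includes(requiredScope)) return { ok: false, reason: "scope" };
  return { ok: true, sub: claims.sub };
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const exp = Math.floor(Date.now() / 1000) + 300;
  const forWeb = issueToken(privateKey, { aud: WEB_AUDIENCE, sub: "user-1", exp });
  const forApi = issueToken(privateKey, { aud: API_AUDIENCE, scp: "tasks.read", sub: "user-1", exp });
  return {
    web: validateForApi(forWeb, publicKey, "tasks.read"),
    api: validateForApi(forApi, publicKey, "tasks.read"),
    wrongScope: validateForApi(forApi, publicKey, "tasks.write"),
  };
}
```

`demo()` returns an `audience` rejection for the token issued to the Next.js app, acceptance for the token issued to the API, and a `scope` rejection when the API token lacks the scope the endpoint requires.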