I am trying to set up an application consisting of a front-end Next.js (client + server) application with an ASP.NET Core Web API. So there are two servers and one client.
Next.js has a nice library called NextAuth which allows using Azure AD B2C as a provider, see here: **NextAuth Docs**
I have been struggling for a few days to implement authorization as everything is still a bit new to me, so I have a lot of trouble distinguishing what I need and what are details for later.
I simply want to authenticate users on the front-end client and authorize the front-end server and the Web API server endpoints.
What would be a proper way to achieve this?
Do you need to implement Azure AD B2C on both the front-end server and Web API server?
Do you need to keep Azure AD B2C to only the front-end server and then implement JWT tokens (with JWT AddAuthentication ASP.NET Core) from server to server?
I would really appreciate any input!