Want to master Clean Architecture? Go here: bit.ly/3PupkOJ Want to unlock Modular Monoliths? Go here: bit.ly/3SXlzSt Join a community of 1000+ .NET developers: www.patreon.com/milanjovanovic
Nice, I work on an application that supports multiple authentication providers, but this your code is so much clean and easier to understand, thanks for sharing this Milan!
Nice. I coincidentally did a pretty similar thing yesterday, where I wanted to support Cookie auth OR JWT auth. Took a bit of time to figure out the existence of AuthorizationBuiler and the DefaultPolicy
Amazing, it was a masterful explanation, what happens when I have several clients coming from keycloak and I need a certain client to access a certain number of enpoints, how do I do this?
Great Video, quick question, how do we tie a particular controller method to a specific jwttoken, ex: api/getusers should use keycloak, api/getadmins should use supabse
Authorize[AuthenticationSchemes: "custom_scheme_name"] I may have missed the exact syntax, but you can specify the scheme you want to use for a given controller/endpoint
@@MilanJovanovicTech But if I put both schemes , the middleware will make public cert verification requests to both endpoints . Need to use AddPolicyScheme with forward selector
Let say I have a server app with the multiple different client apps, some apps use built-in authentication in the server app and some uses Microsoft Entra ID withe the same server app, so how am I going to accomplish this?
Want to master Clean Architecture? Go here: bit.ly/3PupkOJ
Want to unlock Modular Monoliths? Go here: bit.ly/3SXlzSt
Join a community of 1000+ .NET developers: www.patreon.com/milanjovanovic
Díky!
Thank you very much!
This is absolutely useful , thank you Milan!
@@mreshboboyev Glad you enjoyed it. This has been asked many times in the channel, so figured I'd cover it.
Nice, I work on an application that supports multiple authentication providers, but this your code is so much clean and easier to understand, thanks for sharing this Milan!
Glad it helped!
Awesome! I was thinking about this for a multitenant app where each tenant can define its own auth provider, and this seems pretty helpful for that.
That's a great idea!
Exactly what I needed. Thanks!
Awesome
Nice.
I coincidentally did a pretty similar thing yesterday, where I wanted to support Cookie auth OR JWT auth.
Took a bit of time to figure out the existence of AuthorizationBuiler and the DefaultPolicy
Nice work!
Great video!
Thanks!
Amazing, it was a masterful explanation, what happens when I have several clients coming from keycloak and I need a certain client to access a certain number of enpoints, how do I do this?
Check out Keycloak authorization
Thank you!
You're welcome!
Mr please.. I need to know what is you opinion about ABP framework and it is important to learn it?
Can't say
Wow, its no necessary add policyscheme to select the scheme to validate?
But you can if you want to
Great Video, quick question, how do we tie a particular controller method to a specific jwttoken, ex: api/getusers should use keycloak, api/getadmins should use supabse
Authorize[AuthenticationSchemes: "custom_scheme_name"]
I may have missed the exact syntax, but you can specify the scheme you want to use for a given controller/endpoint
@@MilanJovanovicTech But if I put both schemes , the middleware will make public cert verification requests to both endpoints . Need to use AddPolicyScheme with forward selector
Hi, do you know how to change the secret key while the API is running? I would like to be able to externally change secret in certain situations.
Update the ENV var
And a multitenant API where each tenant has its own user pool?
But same auth provider?
@MilanJovanovicTech yes. For example, using cognito, each tenant has its own user pool. And each user pool can have its own AD integration
Is Microsoft Entra ID work same way?
In what way do you mean?
Let say I have a server app with the multiple different client apps, some apps use built-in authentication in the server app and some uses Microsoft Entra ID withe the same server app, so how am I going to accomplish this?
How to secure jwt access token in SPA (Single Page Application)
Same-site + Secure cookie
@@MilanJovanovicTech BFF can secure the access token ?
Thx!
Any time