I am currently writing an API that needs to be secured by OAuth. The API will be serving a React SPA. So the users will hit the SPA, they will need to login there against Azure AD SSO. Once they have been authenticated I will generate a JWT and Refresh Token for them to use for the remaining session.The issue I am running into is how to prompt the user to log in. I would like it to take place on the API so I don't need to send the token over the wire from the UI to the API.I am running into many walls trying to implement the OAuth prompt on the API side. Something is telling me I should let the UI handle the authentication and just send the token through to the API.Any advice would be greatly appreciated.
Submitted September 02, 2020 at 02:49PM by chamna312
No comments:
Post a Comment