Sourav Das

Reputation: 1008

Understanding OAuth authorization code flow with Angular, ADFS and .NET Web API

I have an AngularJS Web Application that requests data from an API written in .NET Web API.

Now, I have ADFS 3.0 OAuth configured with my client ID and redirect URL (https://www.someredirecturl.index.html) utilizing the Authorization Code Grant Flow.

I also have a .NET Web API that returns some values, e.g. https://www.example.com/showData

  1. Whenever I call the URL, the ADFS login screen shows up.

  2. Then, the browser is redirected to my Redirect_URL with the authorization code, e.g. https://www.someredirecturl.index.html?code=xxxxxxxxx

  3. Then, I capture the code and send it to the ADFS server (POST request) to get the token.

  4. Now, I have the token.

After this step, I should be able to call my API https://www.example.com/showData with Authorization Code: Bearer + token.

But how does it work without writing anything on the server side? Do I have to read the headers with key Authorization and extract the token? What is the best way to do this?

At any point, will I see data in the browser directly, or will it always be called by some program sending headers?

What if www.example.com is a website and www.example.com/api is a resource endpoint? How do I merge the two of them? Can a user log in to www.example.com when he enters his credentials on ADFS? How do I redirect from Redirect_URL with the authorization code?

Upvotes: 0

Views: 938

Answers (1)

rbrayb

Reputation: 46720

Yes - as per this.

Basically:

  • Check that the JWT is well formed
  • Check the signature
  • Validate the standard claims
  • Check the Client permissions (scopes)

jwt.io has a number of libraries that do this for you.

Upvotes: 1
