user1387192

Reputation: 47

Why do we need to create two AAD apps for the front end and back end?

I am implementing single sign-on with Azure Active Directory. The front end is in Angular and the back end is in .NET Core Web API.

I saw an example where you have to create two AAD apps, one for the front end and one for the back end. Why do we have to create two apps?

Upvotes: 2

Views: 434

Answers (1)

juunas

Reputation: 58733

The main reason you define two apps is so that you can acquire and use an access token with the API. Without that, you could only use an Id token, which should not be used for authorization in an API. An Id token is only meant for the client that triggered the login. When calling an API, you should use an access token for that API.

Upvotes: 1
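
An added example, not part of the original answer: the claim checks a back-end API applies once a token's signature has been validated, showing why an ID token issued to the front-end app is rejected while an access token issued for the API is accepted. The app IDs, the scope name `access_as_user`, and the unsigned sample tokens are constructed for illustration; signature validation is assumed to be done by the JWT library before these checks.

```javascript
// Added example: audience/scope checks run AFTER signature validation.
// All IDs below are constructed placeholders, not values from the page.
const API_APP_ID = "api://11111111-1111-1111-1111-111111111111"; // back-end app registration
const SPA_CLIENT_ID = "22222222-2222-2222-2222-222222222222";    // front-end app registration
const REQUIRED_SCOPE = "access_as_user"; // hypothetical scope exposed by the API

const b64url = (obj) =>
  Buffer.from(JSON.stringify(obj)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");

// Builds an unsigned sample JWT; a real API must verify the signature first.
function makeSampleToken(claims) {
  return `${b64url({ alg: "none", typ: "JWT" })}.${b64url(claims)}.`;
}

function decodeClaims(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const claims = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  if (claims === null || typeof claims !== "object") throw new Error("bad payload");
  return claims;
}

// Accept only tokens issued for this API, unexpired, carrying the needed scope.
function authorizeForApi(token, nowSeconds) {
  let claims;
  try { claims = decodeClaims(token); } catch (e) { return { ok: false, reason: "malformed" }; }
  const audiences = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!audiences.includes(API_APP_ID)) return { ok: false, reason: "wrong audience" };
  if (typeof claims.exp !== "number" || claims.exp <= nowSeconds) {
    return { ok: false, reason: "expired" };
  }
  const scopes = typeof claims.scp === "string" ? claims.scp.split(" ") : [];
  if (!scopes.includes(REQUIRED_SCOPE)) return { ok: false, reason: "missing scope" };
  return { ok: true, reason: "accepted" };
}

const NOW = 1700000000; // fixed clock for the constructed samples
// ID token: its audience is the front-end client that triggered the login.
const sampleIdToken = makeSampleToken({ aud: SPA_CLIENT_ID, exp: NOW + 3600, name: "Sample User" });
// Access token: its audience is the API, with a delegated scope in `scp`.
const sampleAccessToken = makeSampleToken({ aud: API_APP_ID, exp: NOW + 3600, scp: REQUIRED_SCOPE });

console.log("ID token:", authorizeForApi(sampleIdToken, NOW));
console.log("Access token:", authorizeForApi(sampleAccessToken, NOW));
```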
