AddAuthentication causes havoc with AddDefaultIdentity in Aspnet Core 3.1

Question

I created a aspnet core website with local identity storage.

services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
                .AddEntityFrameworkStores<ApplicationDbContext>();

Worked fine. Then I added social authentications according to the manual, and it works fine.

Next I added api authentication as in the Xamarin.Essentials documentation. It states that before social authentication I must do AddAuthentication.

services.AddAuthentication(o =>
{
    o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie();

When I add those lines, the working login doesn't work at all anymore. The pages looks like they work, but the user is never in the logged in state.

What happens to AddDefaultIdentity when I AddAuthentication?

Answer 1

You can only have one Default authentication scheme in you application. AddDefaultIdentity is adding a cookie authentication as default authentication scheme and it's what Identity is working with.

When you add a new authentication for APIs, you are overriding the DefaultScheme here o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; which was what Identity works with.

If you want a new authentication scheme for APIs, you should just add the authentication without setting the default authentication and give it a name,

services.AddAuthentication()
    .AddCookie("A_NEW_SCHEME_NAME", ... );

and add AuthorzieAttribute for this authentication scheme at your controllers/actions.

[Authorize(AuthenticationSchemes = "A_NEW_SCHEME_NAME")]