Hi, @tekbyts
Here is an article of How to secure a Web API built with ASP.NET Core using the Azure AD B2C.
It demonstrates an ASP.NET Core Web App application calling an ASP.NET Core Web API that is secured using Azure AD B2C.
- The client ASP.NET Core Web App application uses the Microsoft Authentication Library Microsoft Authentication Library (MSAL) for .NET to sign-in a user and obtain a JWT access token from Azure AD B2C:
- The Access Token is used as a bearer token to authenticate the user when calling the ASP.NET Core Web API.
The client web application essentially takes the following steps to sign-in the user and obtain a bearer token for the Web API:
- Signs-in the user with local or social identities.
- Acquires an access token for the Web API.
- Calls the Web API using the access token as a bearer token in the authentication header of the Http request. The Web API authorizes the caller (user) using the ASP.NET JWT Bearer Authorization middleware.
------
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best Regards,
Michael Wang