Support for Cookies and API Keys in ASP.NET Web API

Bhanu Prakash Thunuguntla 31 Reputation points
2021-11-26T09:40:30.15+00:00

I have a full set of (ASP.NET) web APIs developed in .NET 5.0 and implemented Cookies authentication scheme.

After successful authentication (user id and password) with Azure AD, cookie is generated and stores user permissions etc.

Now, we would like to expose the same set of APIs to a third party consumer using API Keys (no cookies here, api key in the request header).

I have seen articles to implement only API Keys in the solution. But what is the approach to implement API Key support to the existing working solution using cookies?

Need to add second authentication scheme in Startup.cs?

How does the .NET pipeline differentiate the request coming with cookies or API Key?

Any direction and references is appreciated.

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,772 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.