I have a .NET6 Blazor wasm application https://invoicis.com. The app was built using standard Blazor wasm template with individual accounts authentication and hosted options turned on. The Client application uses http calls to get and send data to the server. The Server project has controllers to perform various functions. Controllers use the [Authorize] attribute to allow only authenticated access. All is well and good.
Now I want to make all the APIs that I have in my Server project available to third party applications. How should that be accomplished?
- Should I create a new API project and rewrite all the code that I have in my existing controllers into the new API project?
- How will third party access to my APIs be authenticated? Right now invoicis.com uses the built in Identity Server to register and authenticate clients. The controllers use the same authentication. The login page lets users login and then the APIs just work. So my questions is if I make the APIs available to third party, how will they (1) register and (2) login so they have access to my controllers? What is the standard way of doing this?