Search code examples
asp.net-mvcasp.net-web-apiasp.net-identity-3

Enabling both Cookie authentication and ASP.NET Identity authentication in an MVC project

I have an MVC site with both MVC controllers and WebApi controllers using cookie authentication. However, I'd like some of the WebApi controllers to authenticate using an Identity 3 server. I checked this answer but the property AuthenticationScheme is not available probably because I'm using Identity 3 (or maybe it's part of .NET core, which I'm not currently using).

How do I issue the corresponding Bearer and Cookie identity in ASP.NET with multiple Authorization schemes?

How could I tell some WebApi controllers to authenticate against an Identity 3 server?

Solution

  • Figured it out, this is possible using the method app.Map and indicating inside it the path and the authentication method. Something like

            app.Map("/mobile", idsrvApp =>
        {
            idsrvApp.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
            {
               ...
            });
        });

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
         ...
        });