I am "new" into the ASP.NET Core environment, specifically in Authentication/Authorization. And I see that is possible using cookies without identity and identity alone. And i'am trying to mixing the two together. With Identity, exactly the logout page, the logout works using "_signInManager.SignOutAsync()". Without identity, through some videos, is : "HttpContext.SignOutAsync("cookiePolicy"). And i'am asking which is the difference of both and in general cookie vs identity auth or both?
From Identity on ASP.NET Core , we can see
ASP.NET Core Identity:
Is an API that supports user interface (UI) login functionality. Manages users, passwords, profile data, roles, claims, tokens, email confirmation, and more. Users can create an account with the login information stored in Identity or they can use an external login provider.
ASP.NET Core Identity is a complete, full-featured authentication provider for creating and maintaining logins. And it is cookie based, the user's identity stored in a cookie. So a cookie-based authentication provider without ASP.NET Core Identity can be used too, and it is Use cookie authentication without ASP.NET Core Identity .
ASP.NET Core Identity serializes a user principal into an encrypted cookie and then, on subsequent requests, validates the cookie, recreates the principal and assigns it to the User property on HttpContext. If you want to provide your own login screens and user databases you can use cookie authentication without ASP.NET Core Identity.