Is possible to use cookie based authentication with ASP.NET Web API and SPA?

All we need is an easy explanation of the problem, so here it is.

I want to create the web application which will be based on angularjs frontend and ASP.NET Web API. I need create the secure api but I can’t use the token based authentication on the company’s server where will be implemented this web application.

Is possible use the cookie based authentication for SPA and ASP.NET Web API?

How can I configure the cookie based authentication on the ASP.NET project for this scenario where I have the SPA and Web API?

How to solve :

I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.

Method 1

The TokenBased Authentication is currently used in SPA based on BackEnd API applications is to overcome the limitation of cookiebased authentication But since you have decided to go with it then you can use OWIN cookieAuthentication middleware which will do the needful. Here’s an article showing how to configure the OWIN cookie authentication middleware in project(No matter if it’s WebApi or MVC application).

Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply