All we need is an easy explanation of the problem, so here it is.
I want to create the web application which will be based on angularjs frontend and ASP.NET Web API. I need create the secure api but I can’t use the token based authentication on the company’s server where will be implemented this web application.
Is possible use the cookie based authentication for SPA and ASP.NET Web API?
How can I configure the cookie based authentication on the ASP.NET project for this scenario where I have the SPA and Web API?
How to solve :
I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.
The TokenBased Authentication is currently used in SPA based on BackEnd API applications is to overcome the limitation of cookiebased authentication But since you have decided to go with it then you can use OWIN cookieAuthentication middleware which will do the needful. Here’s an article showing how to configure the OWIN cookie authentication middleware in Asp.net project(No matter if it’s WebApi or MVC application).
Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂