I am trying to build a web project that will include user sign in. It will have an asp.net front-end, and an asp.net back-end. I am trying to figure out how this should work with user context and where user sign-in should happen. I believe controlling user sign in is a back-end responsibility, but it seems that many 3rd party validation methods would prefer it to be front-end. As I understand it seems that if I was using something like google or Microsoft validation. It would try to bring up a window, but that window wouldn't be seen by my user, because it was coming from the back-end that is not serving them, and is instead serving the front-end server.
should sign in occur in the front-end or the back-end of an asp.net project
996 Views Asked by nedrobme At
1
There are 1 best solutions below
Related Questions in C#
- How to call a C language function from x86 assembly code?
- What does: "char *argv[]" mean?
- User input sanitization program, which takes a specific amount of arguments and passes the execution to a bash script
- How to crop a BMP image in half using C
- How can I get the difference in minutes between two dates and hours?
- Why will this code compile although it defines two variables with the same name?
- Compiling eBPF program in Docker fails due to missing '__u64' type
- Why can't I use the file pointer after the first read attempt fails?
- #include Header files in C with definition too
- OpenCV2 on CLion
- What is causing the store latency in this program?
- How to refer to the filepath of test data in test sourcecode?
- 9 Digit Addresses in Hexadecimal System in MacOS
- My server TCP doesn't receive messages from the client in C
- Printing the characters obtained from the array s using printf?
Related Questions in ASP.NET
- Implementing Azure AD B2C Authentication in .NET 8 Blazor Project (RenderMode: InteractiveAuto)
- Azure Application Insights Not Displaying Custom Logs for Azure Functions with .NET 8
- IIS Rewrite Module exclude bots but allow GoogleBot
- Angular 16 sending null values to API
- I am the domain admin, newbie, how do I connect youtube.com on my domain?
- Dropdown list showing SQLServer2005SQLBrowserUser$DONSERVER instead of Active Directory group name in ASP.NET MVC C#
- ASP.NET Identity, Losing Ability to Login until Application Pool Recycles
- How to unprotect ASP.NET FormAuthentication cookie
- How does it work using ASP.NET FormAuthentication
- What is the purpose of a completely standalone 'this'?
- Is there a way to read .csproj PropertyGroup variable in c#
- MSBuild trying to copy different dll with similar name into project sporadically
- Minimizing IdentityServer4 Round Trips in Microservice Architecture with Ocelot
- Azure AD guest account in web app authentication user claims data
- Receiving 400 bad request on post when customer auth handler is used
Related Questions in AUTHENTICATION
- Authenticate Flask rest API
- Sends a personalised error message from the back-end to the front-end with Nuxt-auth
- How to connect Spotify PKCE Authorization Boilerplate to Login-Button in React
- Laravel SPA auth with Sanctum
- _supabaseClient__WEBPACK_IMPORTED_MODULE_1__.supabase.auth.signIn is not a function
- My openID Authentication return 'You must have either https wrappers or curl enabled.'
- How to detect the Minimization of Custom Chrome Tabs on Android?
- Wordpress redirect to homepage after successfully logged in
- How to modify the prebuilt UI of authentication in aws amplify version 6 in React Native
- Creating a login system for my website, navlist not working?
- Receiving 400 bad request on post when customer auth handler is used
- Creating Azure B2B login system with Vue.js frontend & Python Django backend
- Gradio chatbot: how to export individual conversation histories?
- Set-Cookie header not forwarded by nginx to the client
- git asking for authentication when auth.json is present while running composer update
Related Questions in GOOGLE-AUTHENTICATION
- How to add host.docker.internal to Authorized redirect URIs for google OAuth Api
- error when i click on google sign in flutter
- When I try to run, it say : Cannot read properties of undefined (reading 'firstName')
- How to verify a user on my app owns a youtube video
- How would I check a user of my website is a subscriber of a youtube channel?
- Change the app name for Firebase authentication
- Error - no kind "ClientConfig" is registered for version "authentication.gke.io/v2alpha1" in scheme "pkg/runtime/scheme.go:100"
- OIDC connect using kubernetes API to talk to kubernetes cluster
- gmailr credentials randomly (?) need re-authentication
- Get image url from profile with .imagetype in the link using FirebaseUser
- How to make through Google's IAP in Cypress?
- [Unhandled promise rejection: ReferenceError: Can't find variable: auth]
- does gcp signed url work with google pub/sub?
- Implement SSO with Google SAML
- I want to do authorization via Google using next-auth
Related Questions in MICROSOFT-ACCOUNT
- How can I retrieve a Microsoft account profile photo using MicrosoftAccountOptions in ASP.NET Core?
- I cant access my authenthicator app so ı cant access my microsoft work account
- Azure AD B2C - Unable to sign in existing live.com users in custom policies
- Multiple Microsoft account login in ASP.NET Core web app
- AADSTS50011 Error when trying to login to my react native app using Azure AD
- Render Error occurs when I launch react native app using expo go
- Any information on using the Windows "Directory Object Picker" with Azure AD etc.?
- Microsoft Authentication doesn't recognize redirect url property
- External Connection With MicrosoftIdentityWebApp And Identity
- Hashicorp Vagrant - How to authenticate against SMB if I have Microsoft Account on my windows host
- C# finding all Microsoft Accounts on machine
- Authenticating a Minecraft Microsoft account with Python
- Microsoft Graph API does not return all received mail for family and personal accounts
- Minecraft fabric using Intellij, cannot authenticate
- signInManager.IsSignedIn return false but SignInAsync was called
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Based on your comments I'll try to summarize a bit here. Do note, that this is not a coding question and should really have been asked on https://security.stackexchange.com/, but I'll give it a go.
A few keywords you should read up on:
OAuth, which you use as an example, is not an authentication protocol but an authorization protocol, which makes it important for you to understand the difference. However, OpenID Connect is a protocol/layer built on top of OAuth 2.0 and...
Copied from Wikipedia (point 8 removed to avoid confusion):
This is the flow you're asking about. The only thing the client (front end) does is follow the URLs it's provided from your application in order to visit an authentication server. This server then provides the proven identity that your client then passes on to your server again.
So bottom line is, the client/front end does not perform the authentication, that's handled by the identity provider (a 3rd party backend).