IMPORTANT!
This forum is now archived. Click here for the New Support Forum
Authentication to Access WEB API (Pro/Ultimate version)
Quote from winterharborsoftwarellc.office on June 19, 2018, 11:10 pmAs described in the thread id 70 (/forum/?view=thread&id=70), the API available at api/account/users/me is protected.
Ok, but when I log into the front-end and there is presumably a token issued, the API is still protected. I can do user administration through the front end but access to api is still denied.
My memory is a little foggy but I'm remembering a past .NET CORE SPA in which the valid token (from logging-in via front end) was presented and would permit access to the API as well as front end. The single token was good for front-end and also recognized by the .Net Core API guards. I foggily remember it rather deliberately set to work that way.
What's happening in the case of Quick App? Is it that:
- (a) it was an undesirable capability of the other SPA I remember (if I'm remembering it right),
- (b) my memory needs to reboot,
- (c) it's a stylistic choice or convention of some sort, or
- (d) it's missing code in the Quick App template? (which there seems to be a bunch of...)
Thanks
As described in the thread id 70 (/forum/?view=thread&id=70), the API available at api/account/users/me is protected.
Ok, but when I log into the front-end and there is presumably a token issued, the API is still protected. I can do user administration through the front end but access to api is still denied.
My memory is a little foggy but I'm remembering a past .NET CORE SPA in which the valid token (from logging-in via front end) was presented and would permit access to the API as well as front end. The single token was good for front-end and also recognized by the .Net Core API guards. I foggily remember it rather deliberately set to work that way.
What's happening in the case of Quick App? Is it that:
- (a) it was an undesirable capability of the other SPA I remember (if I'm remembering it right),
- (b) my memory needs to reboot,
- (c) it's a stylistic choice or convention of some sort, or
- (d) it's missing code in the Quick App template? (which there seems to be a bunch of...)
Thanks
IMPORTANT!
This forum is now archived. Click here for the New Support Forum