I've been reading about the istio authservice which seems to be great fit to abstract the OIDC integration away from app. https://github.com/istio-ecosystem/authservice
However, I'm not able to find any details on whether it can only be used by client side app e.g. SPA or can it be used by ASP.NET server-side?
From what I read, the authservice issues a session id token to client. By this, I assume that only SPA type app can use this service?