We are trying to implement a BFF authentication pattern for a new Blazor WASM application. A pre-existing API has the endpoint 'api/Authentication/web'.
I am using this method for testing. It returns a token embedded in a cookie. How can I be sure it's working?
function authenticateMe() {
var endpoint = 'api/Authentication/web?auth_type={0}&redirect_uri={1}';
endpoint = endpoint.replace("{0}", "ping");
endpoint = endpoint.replace("{1}", "http://localhost:7176/");
window.location.href = apiUrl + endpoint;
}
When I make a subsequent call with credentials, I receive a 403 error.
Ultimately, I want to log the user in when they visit the app's homepage and use the cookie provided by the endpoint to make API calls to the same API. I'm lost as to how to link everything together. Can anyone explain what I'm missing?