I have an asp.net core web application that using OpenIddict. It works fine and users can login. Now I want to add web.api hosted on separate subdomain, but because the user is already authenticated I want to somehow share that authentication. Is it possible? How can I do it? I see in the examples for OpenIddict user have to authenticate again, but I do not want that.
My Setup:
- ASP.NET Core Web App: app.domain.com
- OpenIddict server: login.domain.com
- Web API .net Core App: api.domain.com (that is new requirement)
My web application has views that display data from controllers, I want to add extra javascript logic, and I can have web.api as part of the asp.net core domain: app.domain.com/api/ in that case, it works, the authenticated shared between web application and API, but my goal is to have web.api on a separate subdomain: api.domain.com I know I have to create a Bearer token, but it is not clear how to do it without authenticating the user again. So I want somehow share ASP.NET Core web application authentication to access api.domain.com
Can you please point me in the right direction? Where to start looking?