Hey there, i got my app like this:
-front on react.js
-next.js backend/routing
-backend on asp net core.
At first, i configured the react+next part to be where the authentication is handled, but then I discovered it’s not recommended to pass the auth0userId string to the backend on api calls. So I tried adding the authentication somehow on the backend part as well so i can access user claims. But I can’t figure out how to do it. I’m looking at the example solutions and “quickstart” tutorials, but should I be looking for asp.net core ones, or keep the react+next part and add something on the asp.net core part? What should be the correct flow there?
Thank you for posting your question. I think you are on the right track. I’m leaving a few links so you can better understand the topic.
The SPA interacts with the authorization server to get the ID, access, and refresh tokens. Then, the SPA uses the ID token to get data about the user, the access token to call an API, and the refresh token to get a new access token once it expires.