This is likely a newbie question but I’ve done quite a bit of research and have reached a limit on what the documentation can tell me.
This post is similar to but not quite the challenge I am having: Question on having one application with multiple application types
I have a .NET WPF application that the user will log into using [PKCE - Proof Key for Code Exchange]. I’ve gathered this is the ideal flow to use. The application will then connect to a series of custom APIs some of which I have written and others I have not. The custom APIs I have written will also be authenticated using Auth0.
My questions are:
- How do I obtain authorization to access the custom APIs I have written without asking the user to login again?
- How do I obtain authorization to access the custom APIs I have NOT written without asking the user to login again?
- How do I send ‘proof’ of the clients identity to the custom APIs?
Thank you in advanced!