Hi,
I have a .NET Core Angular app that has been setup to make secure calls to an API using but I’m getting a 401error when the client application makes the call to the API.
This issue has been reported several times, but none of the previous posts provide a solution.
I used the auth0-angular
SDK as per the guidance in the Complete Guide to Angular User Authentication and the instructions the from the Authorization for ASP.NET Web APIs blog post to setup authorization for the API. I can securely access the API endpoint using the API’s swagger instance as per the blog, but when I try to connect from the client app I get a 401 whether I’m local or in a deployed environment. Below is my implementation.
What am I missing?
I can provide a HAR file on request. LMK
Thanks!
auth_config.json
{
"domain": "dev-********.us.auth0.com",
"clientId": "BuLP3AHrIZLE4rxI25OmqwL********",
"audience": "https://myapp-dev.azurewebsites.net",
"errorPath": "/error"
}
environment.ts
import config from '../../auth_config.json';
const { domain, clientId, audience, errorPath } = config as {
domain: string;
clientId: string;
audience?: string;
errorPath: string;
};
export const environment = {
production: false,
auth: {
domain,
clientId,
...(audience && audience !== 'YOUR_API_IDENTIFIER' ? { audience } : null),
redirectUri: window.location.origin,
errorPath,
},
httpInterceptor: {
allowedList: [`https://myapp-dev.azurewebsites.net/WeatherForecast`],
},
};
app.module.ts
import { BrowserModule } from '@angular/platform-browser';
import { NgModule } from '@angular/core';
import { FormsModule } from '@angular/forms';
import { HttpClientModule, HTTP_INTERCEPTORS } from '@angular/common/http';
import { RouterModule } from '@angular/router';
import { AppComponent } from './app.component';
import { NavMenuComponent } from './nav-menu/nav-menu.component';
import { HomeComponent } from './home/home.component';
import { CounterComponent } from './counter/counter.component';
import { FetchDataComponent } from './fetch-data/fetch-data.component';
import { AuthModule, AuthGuard, AuthHttpInterceptor } from '@auth0/auth0-angular';
import { environment as env } from '../environments/environment';
@NgModule({
declarations: [
AppComponent,
NavMenuComponent,
HomeComponent,
CounterComponent,
FetchDataComponent
],
imports: [
BrowserModule.withServerTransition({ appId: 'ng-cli-universal' }),
HttpClientModule,
FormsModule,
AuthModule.forRoot({
...env.auth,
httpInterceptor: {
...env.httpInterceptor,
},
}),
RouterModule.forRoot([
{ path: '', component: HomeComponent, pathMatch: 'full' },
{ path: 'counter', component: CounterComponent, canActivate: [AuthGuard] },
{ path: 'fetch-data', component: FetchDataComponent, canActivate: [AuthGuard] },
], { relativeLinkResolution: 'legacy' })
],
providers: [
{
provide: HTTP_INTERCEPTORS,
useClass: AuthHttpInterceptor,
multi: true,
}
],
bootstrap: [AppComponent]
})
export class AppModule { }