I’m currently implementing an app that uses React as a front end and .NET as a backend, I currently want to use Auth0 SDK both in our front web-app and our .NET backend to fully make use of the SDKs for CRUD and other operations. (I’m syncing my database with the auth0 one). Is this possible? I couldn’t find any post regarding this.
Hi @rayen.besbes,
Welcome to the Auth0 Community and thank you for posting your question.
You can find step by step documentation on how to integrate your React + ASP .NET Core v5/C# by following this guideline.
Also from my understanding you are trying to implement a Backend for Frontend approach, in which case this blog post can provide instructions on how to integrate an ASP .NET as a backend for your React App.
Afterwards user migration can be done either by bulk or automatically, so you can check both the Bulk User Import or Automatic Migration.
I hope this helped
Thanks,
Remus
Will the Backend for Frontend approach allow me to make use of the auth0 React SDK in the frontEnd? I didn’t see something similar in the blog post you mentioned.
Hi @rayen.besbes and thank you for your reply.
To answer your question about the SDK’s as well, you can definitely take advantage of the Auth0 React SDK, even though the implementation is a bit more complex when it comes to the BFF architecture. You can check the schema of securing your SPA Application with this approach and more details on this article.
Best wishes,
Remus
Hi Remus, thanks for your response! I understand the general approach, but I’d love a high-level technical overview of how to set up the Auth0 React SDK with an ASPNET Core BFF architecture.
What i was mentioning above in the fact that it would be more complex when it comes to taking advantage of the Auth0 React SDK is that generally you should still be able to integrate some of the features from the SPA SDK, but in a BFF concept
The SPA must be hosted by the backend, which is implemented as a regular web application.
So for your use case, the React Application will only make direct contact with your backend Application. That is why it would be more reliable to check our Quickstarts for available SDKs when it comes to .NET technologies.
You can also check out this page, that might help you figure our the best approach for your .NET configuration.
The high level steps for configuring authentication and authorization for a BFF approach are as follows:
- The SPA points to a backend URL (/login) to let the user authenticate.
- The backend starts the usual OpenID Connect negotiation with the authorization server: it redirects the user browser to the authorization endpoint to authenticate the user and get the needed tokens.
- The authorization server issues the tokens to the backend, which can store it in a cache.
- The backend issues a cookie representing the user session and triggers the reloading of the SPA in the browser.
- The SPA makes an API request to the backend including the cookie.
- The backend validates the SPA request, retrieves the associated access token, and uses the token to make a call to the API.
- The API returns a response to the backend.
- The backend forwards the response to the SPA.
Hopefully this helps you better understand how the whole process would look like, at least from a high level perspective of course. Thanks !
Remus
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.