This article shows how to implement certificate authentication to secure downstream APIs using the Microsoft YARP reverse proxy in an ASP.NET Core app that uses Angular for the UI.
Along with securing the Angular UI and ASP.NET Core backend, the API is protected with certificate authentication and deployed on Azure App Service.
The YARP reverse proxy is added in the ASP.NET Core application's startup and the appsettings.json file.
The ReverseProxy section of the app settings supplies the proxy configuration.
The downstream API is protected with certificate authentication and requires a certificate forwarding middleware in local development but not on Azure App Service.
The article also includes the setup process that shows the app working with increased security using a certificate rather than just a token.
This approach increases security and makes app-to-app security simple to implement.
Securing the downstream APIs with cookies may still be the weakest link if not secured correctly.
Links to related resources used while making the app are provided in the article.
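
The downstream side of the setup described above, as an added example that is not the article's own code: a minimal ASP.NET Core `Program.cs` that accepts only the one client certificate the proxy presents, by pinning its thumbprint. The configuration key `DownstreamApi:AllowedClientCertThumbprint` and the `/api/values` route are hypothetical, and how the certificate reaches the app (TLS settings or forwarding middleware, which differ between local development and Azure App Service) is left out.

```csharp
// Added example (not the article's code): downstream API Program.cs, .NET 6+ minimal hosting.
// Requires the Microsoft.AspNetCore.Authentication.Certificate package.
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore.Authentication.Certificate;

var builder = WebApplication.CreateBuilder(args);

// Hypothetical config key: thumbprint of the single certificate the proxy presents.
var allowedThumbprint = builder.Configuration["DownstreamApi:AllowedClientCertThumbprint"]
    ?? throw new InvalidOperationException("Allowed client certificate thumbprint is not configured.");

builder.Services
    .AddAuthentication(CertificateAuthenticationDefaults.AuthenticationScheme)
    .AddCertificate(options =>
    {
        // Assumption: the proxy uses a self-signed certificate. Chain trust alone would
        // not identify the caller, so the thumbprint is pinned in the event below.
        options.AllowedCertificateTypes = CertificateTypes.All;
        // Assumption: no CRL/OCSP endpoint exists for a self-signed certificate.
        // With a CA-issued certificate, leave revocation checking enabled.
        options.RevocationMode = X509RevocationMode.NoCheck;
        options.Events = new CertificateAuthenticationEvents
        {
            OnCertificateValidated = context =>
            {
                var presented = context.ClientCertificate.Thumbprint;
                if (string.Equals(presented, allowedThumbprint, StringComparison.OrdinalIgnoreCase))
                    context.Success();
                else
                    context.Fail("Client certificate is not the pinned proxy certificate.");
                return Task.CompletedTask;
            }
        };
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Hypothetical endpoint; every route on the downstream API requires the certificate identity.
app.MapGet("/api/values", () => new[] { "data 1", "data 2" }).RequireAuthorization();

app.Run();
```

Without the thumbprint check, any certificate that passes the built-in validity checks would authenticate, so the pin is what ties the API to the proxy specifically.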