0
votes

I have an angular2 application which is secured using openid-connect and oauth2. After the user is authenticated the application access an webapi1 which is secured. Everything working fine until here.

Now i want to access another secured webapi say for eg: webapi2 from webapi1 method. How to do this ie. how to get the bearer token to pass in httpclient?

I am using localstorage to store the access token in angular app.

Thanks

1

1 Answers

0
votes

First of all you need to clarify which one is the main authentication server (Web API 1 or Web API 2).

  • If Web API 2 is main authentication server then you need to get bearer token using server to server communication between API 1 and API 2 and just do token forwarding.
  • If both API has their own authentication mechanism then before authenticating API 1 you need to get token from API 2 then add the API 2 token to claim of API 1 and issue the API 1 token to client. (Note: Use API 2 token stored in claim while sending request to API 2).