I am having a microfrontend, where a user login at root application and want to share the user cookie to other micro UIs. Cookies are encrypted using aso.net core 2.1 data protection API. Now to decrypt the cookie MicroUI should use the same key, with which the cookie was encrypted. DataProtection API expect to share the key via share physical storage. Our whole architecture is on Azure Cloud and asp.net core 2.1 DataProtection API doesn't support persisting key in AzureKeyVault. Any help or thought are appreciated.
1 Answers
0
votes
You need to store the Data Protection Key ring in a shared storage that both services can access. You can use a database or azure blob storage.
You can also used Azure Key Vault and I recently blogged about that here:
Storing the ASP.NET Core Data Protection Key Ring in Azure Key Vault
