Auth flow with external API backend

  • 0
  • Auth
  • Cloud
Anger_Goose
18 Sep, 2024, 10:29

Hi all! I'm a bit new to auth in general, so forgive me for the noobish questions. I currently have an ASP.NET Core web API as my backend, which is called by an Astro server. The Astro server proxies all user requests through Astro endpoints. The .NET API handles authentication using ASP.NET Core's Identity package, so I have a single API handling both auth and resources. This makes it convenient for authorization, but I'm not sure if it's the best overall. The first picture is a diagram of my current flow.

I am having trouble understanding how integrating Appwrite for auth into this scenario would work.

**As far as I understand, it is not possible for Appwrite to sign JWTs with an RSA key (which would allow for independent verification). Is that correct?**

In light of that, would the flow depicted in the second diagram be required? I am hesitant to have every single request require a round trip to the auth server. The reason I want the .NET API to verify the token and have user info is because ASP.NET Core's built-in strategies for authorizing endpoints are very nice to use.

Second, I read a bit of the documentation but I am not totally clear on something. I know the client will forward the JWT on every request to my Astro server, but can I forward the JWT onwards from my Astro server as a header to my resource API?

I'm drawn to using Appwrite because I figure it's more robust than my own solution and I can just integrate an SMTP service and call it a day as far as setting up verification. However, I'm having trouble understanding if it suits my use case since I'm not doing all my business logic on my Astro server, but instead just routing requests.

I'm currently using cloud to test out some features, but might switch to self-hosted if I decide to move forward.

Any insight or advice would be appreciated. Thank you!

TL;DR
Developers integrating an Astro server with an ASP.NET Core web API have questions about integrating Appwrite for authentication. They are unsure if Appwrite can sign JWTs with an RSA key. They are also concerned about the flow of forwarding JWTs from the Astro server to the resource API. Developers seek advice on balancing convenience with independent verification and considering Appwrite for a more robust solution with additional features like SMTP. They welcome any insights or advice from the community.