I was wondering if anyone can advise - does Ocelot support Cookie Authentication? I have 3 microservices and I am new to Ocelot and in many articles and documentation, it is written that Ocelot works with tokens only. Can anyone suggest how to create API Gateway which handles cookie authentication?
CodePudding user response:
in microservices the authentication and authorization is handled by identity server (Oauth) and the ocelot is a reverse-proxy (also load balancing etc) to forward requests. if you configure ocelot to proxy any secured api then you can do configuration like
{
"Routes": [
{
"DownstreamPathTemplate": "/WeatherForecast",
"DownstreamScheme": "https",
"DownstreamHostAndPorts": [
{
"Host": "localhost",
"Port": 5001
}
],
"UpstreamPathTemplate": "/weather",
"UpstreamHttpMethod": [ "GET" ],
"AuthenticationOptions": {
"AuthenticationProviderKey": "IdentityApiKey",
"AllowedScopes": []
}
}
]
ocelot program.cs
var authenticationProviderKey = "IdentityApiKey";
builder.Services.AddAuthentication()
.AddJwtBearer(authenticationProviderKey, cfg =>
{
cfg.Authority = "https://localhost:9001";
cfg.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false
};
});
where the localhost:9001 is the identity server service.
this the minimum configuration.
Ocelot works with tokens only
NO. if the api you try to reach is secured then yes.