16

I want to create the web application which will be based on angularjs frontend and ASP.NET Web API. I need create the secure api but I can't use the token based authentication on the company's server where will be implemented this web application.

Is possible use the cookie based authentication for SPA and ASP.NET Web API?

How can I configure the cookie based authentication on the ASP.NET project for this scenario where I have the SPA and Web API?

Improve this question
2
  • Even tokens are stored in cookies, it is the most common way to maintain a session. Commented May 13, 2016 at 19:27
  • 9
    @JahirulIslamBhuiyan Isn't it ironic that this question is the #1 google result? Your comment didn't help me at all. Commented Jan 5, 2017 at 13:46

1 Answer 1

Reset to default
8

The TokenBased Authentication is currently used in SPA based on BackEnd API applications is to overcome the limitation of cookiebased authentication But since you have decided to go with it then you can use OWIN cookieAuthentication middleware which will do the needful. Here's an article showing how to configure the OWIN cookie authentication middleware in Asp.net project(No matter if it's WebApi or MVC application).

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Can we use cookie based authentication if SPA and ASP.NET Web API are different projects and are on different domains? I have multiple clients, Will I be able to use only bearer token in this case?
too me the Token Authentication look fulls of limit and hardness ship :| also it look buggy and requires lots of efforts which i'm not aware of...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.