ARTICLE AD BOX
I must have all the wrong search terms because nothing that I've looked for explains how this process works.
I have the following
OpenIDDict Authentication Server
Client Web App
API Server
I have full authentication / authorization from (1) Auth Server to (2) Client App. Everything works fantastic at this level.
I have an HttpClient based interface into the API server. And while I have found plenty of examples of "How to secure your API server in Swagger using OpenIDConnect / OpenIDDict, I can't find any examples that have an OIDC based client calling an API server. I'm not even finding non-HttpClient based solutions
What am I missing? How does the OIDC authentication cookies get passed to the API server for authorization & validation? Doesn't even have to be an HttpClient either, its just what was used before.
