We have created our own IdentityServer4 and deployed it on App Services in azure. I also have few apis that are protected by API gateway for me. Can i PUT IdentityServer4 endpoints secured by API gateway? If yes, how? Do i need to configure some policy in gateway? Front end is Mobile application and user register/ login using username/ pwd following ROPC Flow. I feel this will also change instead of IdentityServer4 TokenEnpoint i will hit API gateway with user/pwd in header right? The api gateay will now hit IdentityServer4 using configured policy and get access_token?
Asked
Active
Viewed 182 times
2
-
Why are you putting IdentityServer behind Api Gateway? – Mehrdad Apr 04 '20 at 03:41
-
so we have only 1 endpoint and also DDOS attacks etc gateway can take care – JemHah Apr 04 '20 at 07:03