Validate user token of multiple applications in a single OAuth2-based authentication WebAPI

1

I am in the following scenario:

I developed an API that is only used for authentication and authorization of company users, which I am calling SecurityAPI. All services work as expected and the API is based on OAuth2.

In the company I have several applications and each application has its API with specific business rules.

Considering the situation where, for example, I log in by making a request to the SecurityAPI that returns me the generated Token and the same one being saved in the session, then I want to make a request for a SPA application angular for the API with business rules specific to that application. How can I send the Token information to the security API to authenticate and / or authorize the requesting user according to the generated Token?

    
asked by anonymous 27.03.2018 / 15:33

0 answers