I have an Angular app with a .Net core backend application. I am looking to implement SSO with OKTA using OpenId Connect or SAML.
I have created a Web application in OKTA for the backend services and I was able to get an access token back.
Same thing: I have created an SPA and I was able to authenticate the user from the Angular app.
I am trying to figure out how to connect this together under one application that uses SSO.
I want the user to be able to authenticate once he/she launches the web interface or the UI, and I also want the user to be able to authenticate if he/she tries to call the backend APIs directly (Swagger/Postman).
What will be the correct architecture here? Do I create an SPA application or a web application in OKTA? Who should initiate the login, the Angular code or the .Net code?
Should I have the Angular code authenticate and get the access token, then use the same token to authenticate through the backend services?
Should I have the authentication happen in the backend only and have the UI call a service in the backend that does the authentication?
Do I need 2 applications created in OKTA, one for the Angular app and one for the .Net core app?