Flowing Credentials -> Even after a request has been authorized in the proxy, the destination server may still need to know who the user is (authentication) and what they're allowed to do (authorization)

[pastrasigns]

Hi Yarp devs,

Is there any solid example of Flowing Credentials out there? I have a Yarp Web API which does Identity SPA login, but I would like my other APIs in the back to also pass down the bearer token in the request (which it currently does) and re authenticate the user again with the same Identity. How to do this??

https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/yarp/authn-authz?view=aspnetcore-9.0

"Flowing Credentials

Even after a request has been authorized in the proxy, the destination server may still need to know who the user is (authentication) and what they're allowed to do (authorization). How you flow that information will depend on the type of authentication being used."