Great video! Please cover api to api scenario as well in the next video

@learnsmartcoding

3 ай бұрын

sure, will do that in upcoming videos. Thanks for checking :)

Please start a new video series on Microservices

If I don't have different scopes. Should I mention the RequireScope attribute in the controller methods.

@learnsmartcoding

3 ай бұрын

Hi Sanjay, In general for a proper web api, scopes are required. The application you see in this video is build with industry standards so I loved to explain how it really works. If you are building for your own for a simple one, you can just have only scope for all. I strongly suggest to implement WEB API in a proper way. If you are learning this first time, this will help you to do right thing in your project or even when asking interview, it helps a lot. Here is the detailed explanation, in case you need it for reference. In Azure AD B2C (Azure Active Directory Business-to-Consumer), scopes are used to control access to resources such as APIs. Each scope represents a specific permission or set of permissions that an application or client can request from the API. The need for different scopes for different controllers in a microservice architecture can arise from several factors: Granular Access Control: Different parts of your microservice may require different levels of access to resources. For example, one controller might handle sensitive operations or data, while another might handle more general tasks. By defining different scopes for each controller, you can enforce fine-grained access control, ensuring that only authorized clients can access specific endpoints. Security Requirements: Certain operations within your microservice may require elevated permissions or involve sensitive data. By using different scopes, you can enforce stricter access controls for these operations, ensuring that only clients with the appropriate permissions can access them. Regulatory Compliance: Depending on the regulatory requirements that your application needs to adhere to, you may need to implement specific access controls for different parts of your microservice. By using different scopes, you can tailor access controls to meet these compliance requirements. Resource Isolation: Different controllers within your microservice may interact with different sets of resources or data stores. By using different scopes, you can enforce access controls that reflect the resource dependencies of each controller, preventing unauthorized access to sensitive resources. Client Requirements: Clients consuming your microservice may have different access requirements based on their role or the specific tasks they need to perform. By defining different scopes, you can accommodate these varying requirements and ensure that clients only request the permissions they need to perform their intended tasks. In summary, using different scopes for different controllers in a microservice allows for finer control over access to resources, enabling you to enforce security, compliance, and resource isolation requirements more effectively. Hope this helps. Happy coding!

I have followed the whole video like 10 time but that access token is never received

@learnsmartcoding

3 ай бұрын

Hi Alejandro, Thank you for reaching out to me. Please verify the below steps are done to make this project work. 1. Run the .Net Core App projects from here github.com/learnsmartcoding/e-commerce-smartcarthub-microservices 2. Run Angular App from here github.com/learnsmartcoding/e-commerce-smartcarthub-webapp 3. Now, once the app is running, try to navigate to Checkout or Orders or even hit on Login at the top of the page. 4. This will force you to login to the app. 5. Upon login, you should be able to see the token call with all the required access token (press F12 on browser or right click and select inspect to see the developer tool. In network tab you can see all the outgoing API calls) Please let me know what you tried so far so I can help you make this work in your local machine. Happy coding!