Skip to main content

Authentication

Endatix leverages ASP.NET Core Identity to provide robust authentication features, including support for external identity providers. The Authentication guide explains the authentication flow used in Endatix and covers how to customize the authentication to your needs.

The sections are structured to help you integrate Endatix authentication, from basic setup to advanced configurations. You can follow the guides in order or skip to the topics most relevant to your project.

Authentication Scheme

The Endatix authentication flow is built around JSON Web Tokens (JWT), offering several key advantages:

  • Stateless Authentication: JWTs contain all necessary user information, eliminating the need for server-side session storage, which improves scalability and simplifies integration.
  • Security: JWTs are signed, ensuring data integrity. In Endatix Hub, they are securely handled on the server-side, avoiding client exposure.
  • Interoperability: JWTs are widely supported across platforms and frameworks, making it easier to integrate with other systems.
  • Chain of Responsiblity: The Endatix API is responsible for validating users and issuing JWT tokens to various clients and applications. Endatix Hub is one such client, seamlessly integrating with the API.

Endatix Hub: Authentication Flow Overview

Endatix Hub integrates seamlessly with the Endatix API, requiring no additional configuration to enable authentication.

How it Works

  • Session Management: Endatix Hub is a Next.js application that manages user sessions using secure cookies.
  • Login Process: When users submit their login credentials, the Next.js server sends them to the Endatix API via a server-to-server request, using Next.js Server Actions.
  • Validation & JWT Issuance: The Endatix API uses ASP.NET Core Identity to validate the credentials. On successful authentication, a JWT token is issued.
  • Security: The JWT token is never sent to the client; instead, it is securely handled by Next.js server-side middleware. The token is validated on every request to ensure only authorized users can access protected resources on the Endatix API.
  • Session & Token Expiration: The session cookie's expiration is aligned with the JWT token's lifetime, ensuring synchronized session management.

Diagram

Login flow diagramLogin flow diagram

Configuring Authentication

To configure the authentication settings, please refer to the following pages: