Windows Authentication Angular 4 and Web Api Core


It sounds easy to set up windows authentication, but for a frontend in Angular and a backend in Web Api Core, some configurations needs to be done to get it working.

In this article I describes the steps that I've done to handle it.

First my solution exists of 2 projects:

  • Frontend (Angular 4)
  • Backend (Web Api Core)

First you need to set up the authentication mode on the backend:
You can do this by going to the project properties on the backend and checking the windows authentication and anonymous authentication. It’s important to also check anonymous authentication otherwise the post actions will fail. (First there’ll be send a prefetch to the service and the prefetch will be send without credentials).

For running both projects at the same time in Debug mode, we need to set up the solution properties.

It’s important to send the credentials in the frontend to the backend.
So we need to configure our frontend service as following:

It's important to set the withCredentials bool on true on the service calls.

Finally we need to set up the backend for checking the authentication when it's no options prefetch call.

We add a new middleware class:

In the startup config file we need to set up CORS and the use of this middleware:

You can find more information on CORS on following link.

If we now run our application, it should work.