Mixing web app and web API in the same ASP.NET core app - mattchenderson/microsoft-identity-web GitHub Wiki

You might want the same ASP.NET Core app to be both a web app and a web API. This requires supporting multiple authentication schemes, for instance OpenIdConnectDefaults.AuthenticationScheme and JwtBearerDefaults.AuthenticationScheme.

You'll probably want your web app and web API to have the same client ID, and therefore the configuration section name can be the same (for instance, "AzureAd").

When using Microsoft Identity Web, the configuration in Startup.cs can be setup like so:

 public void ConfigureServices(IServiceCollection services)
 {
  services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
              .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"))
                  .EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
                      .AddMicrosoftGraph(Configuration.GetSection("DownstreamApi"))
                      .AddInMemoryTokenCaches();

  services.AddAuthentication()
            .AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAd"),
                                        JwtBearerDefaults.AuthenticationScheme)
            .EnableTokenAcquisitionToCallDownstreamApi();