I have a web application hosted in the web server, and I am hoping to use the identity server to do login using OpenIdConnect.
Should Identity Server be hosted in the web server (DMZ) or app server, if the web application is assessible in the internet?
I am guessing it should be hosted in the web server? since my web application redirect the request to identity server.
Due to security reason, I need to put the identity server in the app server because it's touching the DB.
Is there any work around other than using old method of Login API?
I have a web application hosted in the web server, and I am hoping to use the identity server to do login using OpenIdConnect.
Should Identity Server be hosted in the web server (DMZ) or app server, if the web application is assessible in the internet? I am guessing it should be hosted in the web server? since my web application redirect the request to identity server.
Due to security reason, I need to put the identity server in the app server because it's touching the DB. Is there any work around other than using old method of Login API?
Thanks.