Add doc information for downstream APIs and cookie cache

damienbod · Sep 8, 2023 · 7079a80 · 7079a80
1 parent 4b077be
commit 7079a80
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/server/Program.cs b/server/Program.cs
@@ -39,7 +39,9 @@
     .AddMicrosoftGraph("https://graph.microsoft.com/v1.0", initialScopes)
     .AddInMemoryTokenCaches();
 
-// If using downstream APIs and in memory cache, you need to reset the cookiw session if the cache is missing
+// If using downstream APIs and in memory cache, you need to reset the cookie session if the cache is missing
+// If you use persistant cache, you do not require this.
+// You can also return the 403 with the required scopes, this needs special handling for ajax calls
 // The check is only for single scopes
 services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, 
     options =>  options.Events = new RejectSessionCookieWhenAccountNotInCacheEvents(initialScopes));