Authentication in Asp.net core — Mental Model
Asp.net Core uses the claim-based identity model, which can sometimes get tricky for newcomers.
In this blog, I am attempting to provide a simple mental model to make it simple. Imagine walking into a hotel for a night's stay; the Hotel receptionist mostly asks for the valid or Known Id. It will be a passport issued by the company or any known ID.
Taking the analogy to the Asp.net core, every user is considered Principal. Walking into the hotel can be considered, and going to the website and website ask you to log in using a well-known Identity provider similar to a passport.
In this case, the passport is an identity given by the host country; similarly, for the website, the identity can be given by many providers like Google, Facebook, or Local store(AD).
Now every provider provides different information like passport provides the photograph and name details. In the case of the website, we can have different providers like Google, Facebook, and others.
A picture is worth 1000 words, so here we go.