Azure SignalR Service Serverless with Frontdoor & ASP.NET negotiation
Azure Frontdoor is a great way to secure your application against the outside world. One downside though is the lack of websocket support meaning no SignalR communication can get through. This is where the SignalR Service’s serverless option comes in handy. It allows us to establish a connection with the service directly which acts as a proxy between clients and servers.
As illustrated below the client will request the SignalR credentials from the backend via a regular REST call. The Web App negotiates with the SignalR Service, retreives the credentials for the user and passes the result back to the client. With the credentials the user can directly connect to the SignalR Service via Websockets, bypassing the Azure Frontdoor.
For the negotiation we use the Microsoft.Azure.SignalR.Management NuGet package which allows us to communicate with the SignalR Service using Managed Identity.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
One thought on “Azure SignalR Service Serverless with Frontdoor & ASP.NET negotiation”
Is it best practice to create ServiceManager and ServiceHubContext instance everytime while api call for “Negotiate” ? look like we need to create singleton instance?
Can you please guide me what is best practice to implement this things in dotnet core web api.
Is it best practice to create ServiceManager and ServiceHubContext instance everytime while api call for “Negotiate” ? look like we need to create singleton instance?
Can you please guide me what is best practice to implement this things in dotnet core web api.