Blazor server app, .Net Core Data Api, SQL Server and Windows Authentication impersonate / pass credentials question

I'm trying to pass the application user's credentials through from a Blazor App to the Data Api and then use these credentials for the SQL Server connection (Trusted_Connection=true) - is this even possible?

I've tried using

WindowsIdentity.RunImpersonatedAsync(((WindowsIdentity)user.Identity).AccessToken.... )

but this is displaying the IIS App Pool user once I deploy it to the server.

I was hoping to do this without an identity provider as it's all being deployed on-premise behind firewalls and will only run on Windows machines with logged in users. An identity provider in this instance seems like overkill ..... unless there is no other way.

Any help would be appreciated!

Thanks

Through my research I've discovered that this isn't possible as you want to have your IIS website running with an account of least privilege - so that it can't get access to the server or network where it shouldn't. This is why the recommendation is to run it with the Application Pool identity.

In my case I will pass the current user's windows credentials identity (i.e. Active Directory ID) to the Data Api where it can pass it to the database to record in an audit field of the tables for all updates and new records, etc.

reference: https://learn.microsoft.com/en-us/troubleshoot/developer/webapps/iis/www-authentication-authorization/understanding-identities

I hope this helps someone one else trying to achieve the same thing.