Home

Awesome

Auth0 SDK for ASP.NET Core applications

A library based on Microsoft.AspNetCore.Authentication.OpenIdConnect to make integrating Auth0 in your ASP.NET Core application as seamlessly as possible.

Release Downloads License AzureDevOps

:books: Documentation - :rocket: Getting Started - :computer: API Reference - :speech_balloon: Feedback

Documentation

Getting started

Requirements

This library supports .NET 6 and .NET 7.

Installation

The SDK is available on Nuget and can be installed through the UI or using the Package Manager Console:

Install-Package Auth0.AspNetCore.Authentication

Configure Auth0

Create a Regular Web Application in the Auth0 Dashboard.

If you're using an existing application, verify that you have configured the following settings in your Regular Web Application:

Next, configure the following URLs for your application under the "Application URIs" section of the "Settings" page:

Take note of the Client ID, Client Secret, and Domain values under the "Basic Information" section. You'll need these values to configure your ASP.NET web application.

:information_source: You need the Client Secret only when you have to get an access token to call an API.

Configure the SDK

To make your ASP.NET web application communicate properly with Auth0, you need to add the following configuration section to your appsettings.json file:

  "Auth0": {
    "Domain": "YOUR_AUTH0_DOMAIN",
    "ClientId": "YOUR_AUTH0_CLIENT_ID"
  }

Replace the placeholders with the proper values from the Auth0 Dashboard.

Make sure you have enabled authentication and authorization in your Startup.Configure method:

...
app.UseAuthentication();
app.UseAuthorization();
...

Integrate the SDK in your ASP.NET Core application by calling AddAuth0WebAppAuthentication in your Startup.ConfigureServices method:

services.AddAuth0WebAppAuthentication(options =>
{
    options.Domain = Configuration["Auth0:Domain"];
    options.ClientId = Configuration["Auth0:ClientId"];
});

Login and Logout

Triggering login or logout is done using ASP.NET's HttpContext:

public async Task Login(string returnUrl = "/")
{
    var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
        .WithRedirectUri(returnUrl)
        .Build();

    await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
}

[Authorize]
public async Task Logout()
{
    var authenticationProperties = new LogoutAuthenticationPropertiesBuilder()
        // Indicate here where Auth0 should redirect the user after a logout.
        // Note that the resulting absolute Uri must be added in the
        // **Allowed Logout URLs** settings for the client.
        .WithRedirectUri(Url.Action("Index", "Home"))
        .Build();

    await HttpContext.SignOutAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
    await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}

For more code samples on how to integrate the auth0-aspnetcore-authentication SDK in your ASP.NET MVC application, have a look at our examples.

This SDK also works with Blazor Server, for more info see the Blazor Server section in our examples.

API reference

Explore public API's available in auth0-aspnetcore-authentication.

Feedback

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

Raise an issue

To provide feedback or report a bug, please raise an issue on our issue tracker.

Vulnerability Reporting

Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.


<p align="center"> <picture> <source media="(prefers-color-scheme: light)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_light_mode.png" width="150"> <source media="(prefers-color-scheme: dark)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_dark_mode.png" width="150"> <img alt="Auth0 Logo" src="https://cdn.auth0.com/website/sdks/logos/auth0_light_mode.png" width="150"> </picture> </p> <p align="center">Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout <a href="https://auth0.com/why-auth0">Why Auth0?</a></p> <p align="center"> This project is licensed under the MIT license. See the <a href="https://github.com/auth0/auth0-aspnetcore-authentication/blob/main/LICENSE"> LICENSE</a> file for more info.</p>