developers

Choosing the Right .NET SDK for Auth0

A map to choose the right SDK to integrate Auth0 in your .NET application.

The .NET ecosystem has become quite complex. On the one hand, developers can create different types of applications for different platforms. On the other hand, in its 20-year history, .NET has generated different versions of the development platform, some incompatible with each other or compatible under specific criteria.

Auth0 provides developers with a few SDKs for different application types and different versions of the platform. Which one is right for your application? Let's find out together!

If you want to find out directly what is the SDK or package to use in your .NET application to integrate with Auth0 without sitting through the rationale behind it, jump to the section The Matrix of Solutions.

The Dimensions of the Problem

Let's start by exploring the dimensions of the problem, that is, the factors that influence the choice: the application type, the .NET target, and the role of Auth0.

The application type

As the first dimension, you need to consider your application type. As a .NET developer, you know that the development platform allows you to create applications of several types: from Web to desktop apps, from Web APIs to mobile apps. You can also use different frameworks to build your app. For example, you leverage ASP.NET or ASP.NET Core to build a Web application, but you can use ASP.NET Core MVC or Razor Pages or Blazor Server as the frameworks that support your UI and application architecture. Something similar happens for desktop app UIs: you can use WinForms or Windows Presentation Foundation (WPF) or Universal Windows Platform (UWP), etc.

Identifying your application type and the technology you use or you are going to use is the first step to determining which SDK you must use.

The .NET target

The second dimension is the .NET version your application runs on, which in the .NET lingo is called your application's target. The .NET platform has evolved over the past two decades and has undergone several transformations. From the initial multi-language framework for Windows programming, it has now become a cross-platform development environment that enables the creation of Web, desktop, and mobile applications. You can take into account the following targets:

  • .NET Framework. This was the initial Windows framework, which will be deprecated, but on which many applications still run.
  • .NET Core. The initial cross-platform version of .NET, which is not fully compatible with the .NET Framework. The last .NET Core version was 3.1.
  • .NET Standard. Actually, this is not a true .NET version. It is a specification that aims at defining a common set of APIs between .NET Framework and .NET Core to ensure a degree of compatibility between the two versions. Auth0 SDKs follow .NET Standard 2.0 specifications to keep this compatibility.
  • .NET. This is the current and universal version of the development platform that aims to replace all the previous ones. From the Auth0 point of view, it can be seen as the evolution of .NET Core.

To learn more about the differences between the .NET targets, check out this article.

The role of Auth0

The third dimension is the purpose of using the Auth0 platform in your application. Your application can use Auth0 for three main reasons:

Clarifying the purpose of Auth0 in your application is also important to determine which SDK you must use.

The Auth0 SDKs and Packages

After analyzing the dimensions of the problem, let's see what Auth0 offers to meet the needs of .NET developers. You can use a few SDKs to integrate Auth0's authentication, authorization, and management features into your .NET applications. Each SDK includes one or more packages that you can install from NuGet.

Let's take a look at these SDKs and their packages.

Auth0 ASP.NET Core Authentication SDK

The Auth0 SDK for ASP.NET Core Authentication is designed for adding authentication support to your Web application built with server-side frameworks: ASP.NET Core MVC, Blazor Server, and Razor Pages. It provides you with one package — Auth0.AspNetCore.Authentication, which hides most of the complexity of the authentication and authorization process.

Check out this article for a quick introduction to the Auth0 ASP.NET Core Authentication SDK's main features.

Auth0 OIDC Client for .NET

The Auth0 OIDC Client for .NET supports OpenID Connect-based authentication in your .NET desktop application as well as in your mobile application based on Xamarin. The SDK provides multiple packages depending on the framework used for your application's UI:

Auth0 .NET SDK

The Auth0 .NET SDK enables your .NET Framework and .NET Standard application to authenticate users and manage your Auth0 tenant. It implements two packages:

Leverage Auth0's authentication and authorization services in your .NET applications.

DOWNLOAD THE FREE EBOOK.NET Identity with Auth0

The Matrix of Solutions

Now that you've reviewed the dimensions of the problem and the available Auth0 packages let's create a map that allows you to find on the fly which package to use for a given application type. In the following, you will see three sections, one for each Auth0 role in your application. Within each section, you will find a matrix that matches the application type with the .NET target and proposes the appropriate package. Note that a specific SDK may not be available for some combinations because native .NET support is sufficient or because there are viable third-party alternatives.

Authentication

If your application uses Auth0 to add authentication support, check out this matrix to choose the right package:

.NET Framework.NET (Core)
ASP.NET MVCMicrosoft.Owin.Security.OpenIdConnect
ASP.NET Core MVCAuth0.AspNetCore.Authentication
Razor PagesAuth0.AspNetCore.Authentication
Blazor ServerAuth0.AspNetCore.Authentication
Blazor WebAssemblyMicrosoft.AspNetCore.Components.WebAssembly.Authentication
XamarinAuth0.OidcClient.Android
Auth0.OidcClient.iOS
Auth0.OidcClient.Android
Auth0.OidcClient.iOS
WPFAuth0.OidcClient.WPF
WinFormsAuth0.OidcClient.WinForms
UWPAuth0.OidcClient.UWP
MAUIIdentityModel.OidcClient
ConsoleAuth0.AuthenticationApiAuth0.AuthenticationApi

Notice that for ASP.NET MVC we suggest using Microsoft's standard OWIN library. For .NET MAUI applications, you can use the well-known OpenID Connect Client Library for Native Applications. Check out this article to learn how to use this library to add authentication to .NET MAUI apps.

Access control

If your application uses Auth0 to check access control to server resources, that is, you are implementing a Web API, check out this matrix to choose the right package:

.NET Framework.NET (Core)
ASP.NET Web APIMicrosoft.Owin.Security.Jwt
ASP.NET Core Web APIMicrosoft.AspNetCore.Authentication.JwtBearer

As you can see, you can use Microsoft's standard libraries to check JWT tokens in Web APIs.

Auth0 tenant management

If your application needs to manage users and other Auth0 tenant features, refer to this table:

.NET Framework.NET (Core)
Any app typeAuth0.ManagementApiAuth0.ManagementApi

The Auth0 Management API can be used for any application type targeting any .NET version.

Try out Auth0 authentication for free.

Get started →

Summary

Throughout this article, you learned the criteria you must follow to determine the appropriate SDK and package for your .NET application. The current platform complexity is reflected in the complexity of choosing the right package, of course. With the .NET platform unification, general simplification is expected in the near future, but we cannot forget the legacy code that is still up and running.

So, for your next .NET project, go and pick the right Auth0 SDK!