---
title: "Easy Authentication in Xamarin Apps with Auth0"
description: "Learn how to add authentication to iOS and Android apps with Xamarin and Auth0."
authors:
- name: "Daniel Krzyczkowski"
url: "https://auth0.com/blog/authors/daniel-krzyczkowski/"
date: "Feb 4, 2020"
category: "Developers,Tutorial,Xamarin"
tags: ["xamarin", "authentication", "mobile", "dotnet", ".net", "csharp", "ios", "android"]
url: "https://auth0.com/blog/easy-authentication-xamarin-auth0/"
---
# Easy Authentication in Xamarin Apps with Auth0
**TL;DR:** With Xamarin, developers can build native cross-platform mobile applications using C# on .NET. Also, authentication and authorization are a significant part of application architecture since they allow users to access specific functionalities and resources selectively. In this tutorial, we will learn how to use Xamarin together with [the Auth0 OpenID Connect (OIDC) Client for .NET library](https://github.com/auth0/auth0-oidc-client-net) to enable authentication in our iOS and Android mobile applications.
## Authentication Challenges in Mobile Applications
User authentication is a part of almost every application. Before accessing a specific functionality, a user has to register and log in. Implementing an authentication mechanism can be complicated and time-consuming and requires facing some important challenges, such as:
- Storing user credentials in a secured storage
- Generating access tokens
- Managing account restore
- Sending verification e-mails
- Managing user permissions
- Integration of login mechanism for social media accounts such as Facebook or Google
These are only some examples, but there are even more challenges. With [Auth0](https://auth0.com/), it is much easier to implement authentication in Xamarin mobile apps. In this article, we will learn how to leverage the OIDC .NET library from Auth0 to integrate authentication with Xamarin Android and Xamarin iOS applications.
## Xamarin for Creating Native Mobile Applications
Mobile developers have a few different options to choose from to build their mobile apps. We can use different frameworks to support the three main development approaches - *responsive web*, *hybrid*, or *native*. It gives developers a lot of flexibility. Of course, all three approaches have pros and cons. Let's look at some of them.
### Responsive web apps
**Pros**
- Lower cost: When developing a responsive web design, we do not have to implement different mobile apps; a website is available and responsive on all devices.
- Maintenance: There is one codebase. We do not have to maintain separate source code for each mobile apps' platform.
- Quick updates to the user interface without having to redeploy the application to mobile app stores.
**Cons**
- Loading time can sometimes be slow, which can disrupt the user experience.
- More time spent on the layout adjustment to make the user interface looks good on all devices.
- Limited access to mobile device-specific functionality, such as location services.
### Hybrid apps
**Pros**
- Access to mobile device-specific functionalities: some plugins allow access to device features such as the camera or contacts list.
- Maintenance: there is one codebase. We do not have to maintain separate source code for each mobile apps' platform.
- Lower cost: when developing a responsive web design, we do not have to implement different mobile apps; a web UI is available and responsive on all devices.
**Cons**
- Loading time can sometimes be slow, which can disrupt the user experience.
- Access to some device-native functionality can be limited.
- The scope of graphic and visual representation is limited, so creating responsive UI can be a challenge.
### Native apps
**Pros**
- One of the biggest pros is performance, since apps are developed specifically for a specific operating system.
- Ability to craft the user experience to perfection: developers can adjust the user interface to mobile platform based characteristics.
- Enhanced security because mobile apps have to be verified before they are officially available in mobile app stores.
**Cons**
- Longer development time, as there are different source codebases for each mobile platform.
- Native mobile app development can be expensive.
- Full application support on each mobile device platform as users can use different versions of the app on different devices.
### The Xamarin approach
Before creating a mobile application, it is very important to choose the right approach. Each one has its pros and cons. In this article, we will focus on the Xamarin platform, which enables the creation of native, cross-platform mobile applications.
With Xamarin, it is possible to implement native iOS, Android, Windows, and Mac applications in C# on .NET using Visual Studio or Visual Studio for Mac. Xamarin (officially acquired by Microsoft in 2016) is a great option to choose for companies that already work with Microsoft's stack and have developers with extensive C# and .NET knowledge. It is worth pointing out that applications created with Xamarin are fully native, which means the entire application will be written in C# and then compiled to its native binary. With the Xamarin Native approach, we have access to native controls and designers (native UI technology), so it is much easier to start, especially for native iOS and Android developers. The C# codebase is shared in each scenario, so we, as developers, do not have to write code twice.
If you would like to start learning Xamarin, I encourage you to visit the official [Get started with Xamarin page](https://docs.microsoft.com/en-us/xamarin/cross-platform/get-started/), where you will find a lot of great content related to mobile app development with Xamarin. It is possible to develop either with Visual Studio 2019 on Windows machines or use Visual Studio for Mac on Apple computers.
### Xamarin.iOS and Xamarin.Android development
Xamarin.iOS exposes the complete iOS SDK for .NET developers the same as Xamarin.Android exposes the complete Android SDK. It means that we have access to all native system APIs. This is powerful because we can create beautiful user interfaces with a shared codebase written in C#. Great official documentation for [Xamarin.Android](https://docs.microsoft.com/en-us/xamarin/android/) and [Xamarin.iOS](https://docs.microsoft.com/en-us/xamarin/ios/) is available. In the end, we get a fully native mobile application after compilation, so performance is comparable with the performance of apps created using traditional methods.
In this article, we will focus on Xamarin.iOS and Xamarin.Android applications and see how to integrate them with the Auth0 authentication library.
## Xamarin.iOS and Xamarin.Android Projects Setup
Xamarin development is possible using either Visual Studio on Windows or Visual Studio for Mac computers. In this article, we will use Visual Studio for Mac. If we do not already have Xamarin in Visual Studio for Mac, [there is excellent documentation available, with step-by-step setup instructions](https://docs.microsoft.com/en-us/visualstudio/mac/installation?view=vsmac-2019).
### Creating the Xamarin.iOS project
We will start by creating a new Xamarin.iOS project. Let's open Visual Studio for Mac and select the _+New_ button:
There, from the templates, we have to find the _iOS Single View App_ template, as shown in the following picture:
In the next screen, let's type _Auth0.Xamarin.iOS_ as the *App Name* and _com.auth0.xamarin.ios_ as the _Organization Identifier_, as show below:
In the next section, let's type *Auth0.Xamarin.iOS* as the *Project Name* and *Auth0.Xamarin* as the *Solution Name*. Then, let's provide the physical location where project files will be located:
Once we click the _Create_ button, a new project is created.
Please, note that a `ViewController.cs` file is automatically added. It is related to the user interface file called `Main.storyboard`. This is the place where we will define the _Login_ button that will enable authentication.
We also add the main logo image that will be displayed on the login view. Among the files and folders of the project shown in Visual Studio, we double-click on the `Assets.xcassets` folder. In the tab that opens, we click the _+_ button at the bottom and select the _New Image Set_ menu item. Now, we can change the name of the newly created image set by clicking on it. Let's name it _MainLogo_. There we can add [this image](https://github.com/auth0-blog/auth0-xamarin/blob/master/src/Auth0.Xamarin.Droid/Resources/drawable/ic_main_app_logo.png) in the _Universal_ section at _1x_ size.
The last step is related to the application configuration. We have to set the _Deployment Target_ to make sure that our application works on specific iOS devices. We double-click on the `Info.plist` file, and in the _Deployment Info_ section, we have to set _Deployment Target_ to _12.3_. We have also to make sure that the _Bundle Identifier_ in the *Identity* section is set to _com.auth0.xamarin.ios_:
Once the above steps are completed, we rebuild the project to ensure that the project's code is fine. So, we click the _Build_ button at the top of the Visual Studio for Mac and select _Build All_.
### Creating the Xamarin.Android project
We will create a new *Xamarin.Android* project in the same solution we created above. So, we right-click on the _Auth0.Xamarin_ solution, select the _Add_ menu item, then the _New Project..._ item. In the window that opens, select the _Blank Android App_ project template, as shown in the following picture:
We will call this app _Auth0.Xamarin.Droid_. We will set the _Organization Identifier_ to _com.auth0.xamarin.droid_ and the _Target Platforms_ to _Modern Development_, as shown in the following picture:
In the next step, we have to provide the name of the project. Let's name it _Auth0.Xamarin.Droid_. Let's also provide the location for the project, then we can click the _Create_ button:
Note that the `MainActivity.cs` file that was automatically generated is related to the user interface file called `activity_main.axml`. In the latter, we will define the _Login_ button, as per the iOS application.
During this step, we also add the main logo image that will be displayed on the login view. It is available for download [under this link](https://github.com/auth0-blog/auth0-xamarin/blob/master/src/Auth0.Xamarin.Droid/Resources/drawable/ic_main_app_logo.png). Once the image is downloaded, we have to open the `Resources/drawable` folder and right-click on it. So, we select the *Add* menu item and then the _Existing Files..._ menu item. Once we choose the image from our file system, let's choose the _Copy the file to the directory_ option from the displayed dialog and click _OK_.
The last step is related to the application configuration. We have to set the _Minimum Android version_ and the _Target Android version_ to make sure that our application works on specific Android devices. So, let's right-click on the _Auth0.Xamarin.Droid_ project and select _Options_ from the contextual menu. From the left section of the dialog window, we have to select _Android Application_. For this sample, we will set _Minimum Android version_ to _Android 8.0 (API level 26)_ and _Target Android version_ to _Android 9.0 (API level 28)_. We have also to make sure that the _Package name_ is set to _com.auth0.xamarin.droid_. The resulting dialog should look like the following:
To prevent issues when building or deploying the project, we have to check if the _Android SDKs_ are correctly installed. To do this, we click on the _Tools_ menu at the top of Visual Studio and select _SDK Manager_. We have to make sure that _Android 8.1 - Oreo / Android SDK Platform 27_ is selected. If not, select and install it.
Once the above steps are completed, we can rebuild the project to ensure that the basic project is ready. So, we click the _Build_ menu at the top of the Visual Studio for Mac and select the _Build All_ menu item.
> There might be an issue with resolving the `Xamarin.Essentials` namespace in the `MainActivity` class defined in the `MainActivity.cs` file. If this happens, we have to add `using Xamarin.Essentials` directive to the `using` section of the `MainActivity.cs` file. Then, we remove the `Xamarin.Essentials` prefix that was added in the initial source code. The resulting code of the file will be as follows:
>
> ```csharp
> //Auth0.Xamarin.Droid/MainActivity.cs
>
> using Android.App;
> using Android.OS;
> using Android.Support.V7.App;
> using Android.Runtime;
> using Android.Widget;
> using Xamarin.Essentials;
>
> namespace Auth0.Xamarin.Droid
> {
> [Activity(Label = "@string/app_name", Theme = "@style/AppTheme", MainLauncher = true)]
> public class MainActivity : AppCompatActivity
> {
> protected override void OnCreate(Bundle savedInstanceState)
> {
> base.OnCreate(savedInstanceState);
> Platform.Init(this, savedInstanceState);
> // Set our view from the "main" layout resource
> SetContentView(Resource.Layout.activity_main);
> }
> public override void OnRequestPermissionsResult(int requestCode, string[] permissions, [GeneratedEnum] Android.Content.PM.Permission[] grantResults)
> {
> Platform.OnRequestPermissionsResult(requestCode, permissions, grantResults);
>
> base.OnRequestPermissionsResult(requestCode, permissions, grantResults);
> }
> }
> }
> ```
>
> Then, we expand the `Packages` folder in the Android project, right-click the `Xamarin.Essentials` package, and select the _Update_ menu item. The latest version of the package should be downloaded and installed. At this point, we can retry to build the application.
>
Both Xamarin.iOS and Xamarin.Android projects are ready.
## Configuring the Applications in the Auth0 Dashboard
Integrating Auth0 with Xamarin applications is straightforward. First of all, we have to register a new application in the [Auth0 dashboard](https://manage.auth0.com/dashboard). If we do not have an account yet, we can create one for free now. After successfully logging in, we can register a new application using the _Applications_ section in the left navigation menu. We have to click the _Create Application_ button first, then provide the application name and select _Native_ as the application type. Finally, click the _Create_ button:
In the next step, we select _Xamarin_ as the native SDK. After this step, we land in the _Quick Start_ tab showing a great tutorial demonstrating how to add user login to a Xamarin application using Auth0. We can download the sample app to see how integration with the Auth0 OIDC library looks. It is also available [on GitHub](https://github.com/auth0-community/auth0-xamarin-oidc-samples/tree/master/Quickstart/01-Login). We are going to explain it step by step below.
### Setting up the Allowed Callback URLs
Once the application is created in the dashboard, we have to configure callback URLs for the Xamarin.Android and Xamarin.iOS applications. To do it, we have to open the _Settings_ tab. Here, we should take note of the domain and the client ID associated with our Auth0 application. We will need these values later on.
In the same tab, we need to provide a callback URL for each platform, Android and iOS in our case, separated by a comma.
For the Android application, the callback URL has the following format:
`YOUR_ANDROID_PACKAGE_NAME://YOUR_DOMAIN/android/YOUR_ANDROID_PACKAGE_NAME/callback`
YOUR_ANDROID_PACKAGE_NAME is the *Package Name* for the application in the form of `com.samplecompany.myapplication`. In our application, it should be set like this:
`com.auth0.xamarin.droid://YOUR_DOMAIN/android/com.auth0.xamarin.droid/callback`
Similarly, for the iOS application, the callback URL has the following format:
`YOUR_BUNDLE_IDENTIFIER://YOUR_DOMAIN/ios/YOUR_BUNDLE_IDENTIFIER/callback`
YOUR_BUNDLE_IDENTIFIER is the bundle identifier for the application in the form of `com.samplecompany.myapplication`. In our application, it should be set like this:
`com.auth0.xamarin.ios://YOUR_DOMAIN/ios/com.auth0.xamarin.ios/callback`
Click the *Save changes* button to confirm your changes.
### Enable login with Google as an identity provider
To enable us to log in with a Google account, we have to set up a few more things. First, we have to open the _Connections_ tab and check if _google-oauth2_ is enabled in the _Social_ section:
Now, let's open the _Social_ section under _Connections_ in the left navigation menu. Note that _Google_ is enabled there. There is also a message warning that Auth0 development keys are used and that those keys are only intended for use in development and testing. To get started with Google login, it is enough for test purposes, but we can read more about the [production configuration of connections](https://auth0.com/docs/identityproviders). There is also a great explanation of the [limitations of developer keys](https://auth0.com/docs/connections/social/devkeys).
## Integrating the Auth0 OIDC Library in Xamarin Apps
To enable login with Auth0, we have to integrate the [Auth0 OIDC .NET Client library](https://github.com/auth0/auth0-oidc-client-net), so that authentication and registration flows are much easier to implement.
The library supports the following platforms:
* Universal Windows Platform (UWP 10.0.16299)
* Windows Presentation Foundation (.NET 4.6.2 and higher)
* Windows Forms (.NET 4.6.2 and higher)
* iOS (Xamarin.iOS)
* Android (Xamarin.Android)
We will see in the next steps how to integrate it with the Xamarin.Android and Xamarin.iOS applications. There is also great [documentation available](https://auth0.github.io/auth0-oidc-client-net/documentation/intro.html).
### Integrating the Auth0 OIDC library in Xamarin.Android app
We are going to integrate the library into the *Xamarin.Android* application's source code to enable standard login with a username and password and with a Google account.
#### Adding the library to the project
First of all, we have to add the [Auth0.OidcClient.Android](https://www.nuget.org/packages/Auth0.OidcClient.Android/) NuGet package to our *Xamarin.Android* project. We right-click on the _Auth0.Xamarin.Droid_ project and select _Manage NuGet Packages..._ from the contextual menu. In the search textbox of the dialog window, let's type _Auth0.OidcClient.Android_. Once we find it, let's select and add the package by clicking on the _Add package_ button.
Once the package is added, we can start the integration in the source code.
#### Preparing views to enable login and display data
In the `Resources/layout` folder, let's edit the `activity_main.axml` file to define the view with the logo and the login button. So, we replace the existing code with the code below:
``` html
```
Still in the `Resources/layout` folder, let's add a new view to display a user's profile data, such as name, e-mail, and photo. So, we right-click on the `layout` folder and select the *Add* menu item and then _New File..._. In the resulting dialog window, we select _Android_ on the left and *Layout* from the displayed list. Let's name the new file `activity_user_profile.axml` and click the *New* button. Once the file is created, we can replace its content with the following code:
``` html
```
#### Integrating the Auth0 OIDC library in the source code
Integration with the library in the source code is easy. First, we have to create a `Model` folder in the root of the _Auth0.Xamarin.Droid_ project. In this folder, let's create the `UserProfile.cs` class file with the following content:
```csharp
// Auth0.Xamarin.Droid/Model/UserProfile.cs
namespace Auth0.Xamarin.Droid.Model
{
public class UserProfile
{
public string Name { get; set; }
public string Email { get; set; }
public string ProfilePictureUrl { get; set; }
}
}
```
Now, let's replace the default source code of the `MainActivity.cs` file with the code presented below. We will describe what is happening there in a moment:
```csharp
// Auth0.Xamarin.Droid/MainActivity.cs
using Android.App;
using Android.OS;
using Android.Widget;
using Xamarin.Essentials;
using Auth0.OidcClient;
using Android.Content.PM;
using Android.Content;
using Newtonsoft.Json;
using System.Threading.Tasks;
using Auth0.Xamarin.Droid.Model;
using System;
using IdentityModel.OidcClient.Browser;
namespace Auth0.Xamarin.Droid
{
[Activity(Label = "@string/app_name", MainLauncher = true,
LaunchMode = LaunchMode.SingleTask)]
[IntentFilter(
new[] { Intent.ActionView },
Categories = new[] { Intent.CategoryDefault, Intent.CategoryBrowsable },
DataScheme = "YOUR_ANDROID_PACKAGE_NAME",
DataHost = "YOUR_DOMAIN",
DataPathPrefix = "/android/YOUR_ANDROID_PACKAGE_NAME/callback")]
public class MainActivity : Auth0ClientActivity
{
private Auth0Client _auth0Client;
protected override void OnCreate(Bundle savedInstanceState)
{
base.OnCreate(savedInstanceState);
Platform.Init(this, savedInstanceState);
_auth0Client = new Auth0Client(new Auth0ClientOptions
{
Domain = "YOUR_DOMAIN",
ClientId = "YOUR_CLIENTID"
});
SetContentView(Resource.Layout.activity_main);
var loginButton = FindViewById