OpenID Connect Discovery

Auth0 exposes OIDC discovery documents (https://YOUR_DOMAIN/.well-known/openid-configuration). These can be used to automatically configure applications.

A good example is OpenID Connect middleware for Katana v3 (OWIN):

How to use it

  1. Install the nuget package Microsoft.Owin.Security.OpenIdConnect (v3.x.x)
  2. Go to App_Start\Startup.Auth.cs, and replace your implementation with the following:

Notes on this middleware

Currently, the OpenID Connect middleware does not support JWT tokens signed with symmetric keys. Make sure you configure your app to use the RSA algorithm using public/private keys:

On the Auth0 dashboard:

  1. Go to{YOUR_AUTH0_CLIENT_ID}/settings
  2. Click on Show Advanced Settings.
  3. Set RS256 as JsonWebToken Token Signature Algorithm and click on Save.

With this setting, Auth0 will issue JWT tokens signed with your private signing key. Your app will verify them with your public signing key.