ASP.NET Core Web API Introduction

Sample Project

Download this sample project configured with your Auth0 API Keys.

System Requirements
  • .NET Core 1.0
  • Visual Studio 2015 Update 3 (Optional)
  • Visual Studio Code (Optional)
Show requirements

At some point, your APIs may need to allow limited access to users, servers, or servers on behalf of users. This tutorial demonstrates how to use the OAuth 2.0 authorization features of Auth0 to give your applications (or third-party applications) limited access to your APIs on behalf of users. For more information, check out our documentation.

Limited Region Support

This feature is only available for tenants under the US region. We will rollout this feature to every region in the following weeks.

This Quickstart will guide you through the various tasks related to using Auth0-issued Access Tokens to secure your ASP.NET Core Web API.

Seed & Samples

If you would like to follow along with this Quickstart you can download the seed project. The seed project is just a basic ASP.NET Web API with a simple controller and some of the NuGet packages which will be needed included. It also contains an appSettings.json file where you can configure the various Auth0-related settings for your application.

The final project after each of the steps is also available in the Sample repository. You can find the final result for each step in the relevant folder inside the repository.

1. Enable OAuth 2.0 API Authorization

To execute the steps in this tutorial, you will need to enable a flag under your Account Settings. This will allow you to opt-in and out of this feature at any point in time while it remains under preview.

  1. Open the Dashboard and browse to Account Settings -> Advanced.
  2. Scroll down to the Settings section and turn on the flag "OAuth 2.0 API Authorization (Preview)"

You will see that the API section is now displayed on your sidebar.

2. Create a Resource Server (API)

In the APIs section of the Auth0 Dashboard, click the Create API button. Provide a Name and Identifier for your API. Be sure to choose the RS256 signing algorithm.

Create API

Also update the appsettings.json file in your project with the correct Domain and API Identifier for your API, e.g.

{
  "Auth0": {
    "Domain": "YOUR_AUTH0_DOMAIN",
    "ApiIdentifier": "YOUR_API_IDENTIFIER"
  }
}

3. Install Dependencies

To use Auth0 Access Tokens with ASP.NET Core you will use the JWT Middleware. Add the Microsoft.AspNetCore.Authentication.JwtBearer package to your application.

Install-Package Microsoft.AspNetCore.Authentication.JwtBearer

This was already done for you in the seed project, so no need to add it if you are using the seed project as a starting point.

That's all you need to start working with Auth0 in your Web API!

Please continue with the Authentication tutorial to secure your Web API.

Next Tutorial
2. Authentication
Use Auth0 for FREECreate free Account