ASP.NET Web API (OWIN) Introduction

Download a sample project.

This Quickstart will guide you through the various tasks related to using Auth0-issued JSON Web Tokens to secure your ASP.NET (OWIN) Web API.

Seed & Samples

If you would like to follow along with this Quickstart you can download the seed project. The seed project is just a basic ASP.NET Web API with a simple controller and some of the NuGet packages which will be needed included. It has also defined some of the required Auth0-related settings in the appSettings key of the Web.config.

The final project after each of the steps is also available in the Sample repository. You can find the final result for each step in the relevant folder inside the repository.

Create an Application

Create an Auth0 account (or login) and add an authentication client instance from the dashboard. Once you create your client, you will be provided with credentials (Domain, Client ID, and Client Secret) which should be stored somewhere safe (do not commit this information to your git repo!). You can download the sample after you login and it will be pre-configured with your Default App credentials.

App Dashboard

Be sure to update the appSettings section in your web.config file in the seed project with the correct values for your application.


The JWT middleware you will use depends on whether your JWT tokens are signed using HS256 or RS256.

For HS256 signed tokens you will need to add the standard JWT middleware which is included in the System.IdentityModel.Tokens.Jwt NuGet package. For RS256 signed tokens you will need to add the Active Directory Services Bearer Token middleware which is included in the Microsoft.Owin.Security.ActiveDirectory NuGet package.

Install-Package System.IdentityModel.Tokens.Jwt
Install-Package Microsoft.Owin.Security.ActiveDirectory

The seed project contains both these NuGet packages, but if you are adding it to your own existing project you will only need to add the one which is relevant for your scenario.

That's all you need to start working with Auth0 in your Web API!

Please continue with the Authentication tutorial to secure your Web API.

Try Auth0 for FREECreate free Account