ASP.NET Core Introduction
This tutorial and seed project have been tested with the following:
- .NET Core SDK 2.0
- .NET Core 2.0
- ASP.NET Core 2.0
This tutorial can be completed with the command line tools and your code editor of choice, or alternatively you can use Microsoft Visual Studio 2017 Update 3. For more details on how to use .NET Core on your platform, please see the .NET Core Website.
This quickstart guide will walk you through the various tasks related to integrating Auth0 into your ASP.NET Core MVC application.
If you would like to follow along with this Quickstart you can download the seed project. This is just a regular ASP.NET MVC application with a home page and some of the NuGet packages which will be needed included. It also contains an
appSettings.json file where you can configure the various Auth0-related settings for your application.
The final project after each of the steps is also available in the Quickstart folder of the ASP.NET Core MVC Samples repository. You can find the final result for each step in the relevant folder inside the repository.
Get Your Application Keys
When you signed up for Auth0, you created a new client.
Your application needs some details about this client to communicate with Auth0. You can get these details from the Settings section for your client in the Auth0 dashboard.
You need the following information:
- Client ID
Configure Callback URLs
The Callback URL of your application is the URL where Auth0 will redirect to after the user has authenticated in order for the OpenID Connect middleware to complete the authentication process.
You will need to add this URL to the list of Allowed URLs for your application. The Callback URL for the seed project is
http://localhost:60856/signin-auth0 if you use IIS Express, or
http://localhost:5000/signin-auth0 if you use Kestrel, so be sure to add this to the Allowed Callback URLs section of your application.
If you deploy your application to a different URL you will also need to ensure to add that URL to the Allowed Callback URLs. For ASP.NET Core this URL will take the format
Configure JSON Web Token Signature Algorithm
The ASP.NET Core OpenID Connect (OIDC) middleware which will be used to authenticate the user, requires that the JSON Web Token (JWT) be signed with an asymmetric key. To configure this go to the settings for your application in the Auth0 Dashboard, scroll down and click on Show Advanced Settings. Go to the OAuth tab and set the JsonWebToken Signature Algorithm to RS256.
Save your changes.
To integrate Auth0 with ASP.NET Core you will use the Cookie and OpenID Connect (OIDC) authentication handlers. The seed project already references the ASP.NET Core metapackage (
Microsoft.AspNetCore.All) which includes all NuGet packages shipped by Microsoft as part of ASP.NET Core 2.0, including the packages for the Cookie and OIDC authentication handlers.
If you are adding this to your own existing project, and you have note referenced the metapackage, then please make sure that you add the
Microsoft.AspNetCore.Authentication.OpenIdConnect packages to your application.
Install-Package Microsoft.AspNetCore.Authentication.Cookies Install-Package Microsoft.AspNetCore.Authentication.OpenIdConnect
Please continue with the Login tutorial for instruction on how to implement basic login.