ASP.NET Core Introduction
This tutorial and seed project have been tested with the following:
- .NET Core 1.1.0
- ASP.NET Core 1.1.1
This tutorial can be completed with the command line tools and your code editor of choice, or alternatively you can use Microsoft Visual Studio 2015 Update 3. For more details on how to use .NET Core on your platform, please see the .NET Core Website.
This quickstart guide will walk you through the various tasks related to integrating Auth0 into your ASP.NET Core MVC application.
If you would like to follow along with this Quickstart you can download the seed project. This is just a regular ASP.NET MVC application with a home page and some of the NuGet packages which will be needed included. It also contains an
appSettings.json file where you can configure the various Auth0-related settings for your application.
The final project after each of the steps is also available in the Quickstart folder of the ASP.NET Core MVC Samples repository. You can find the final result for each step in the relevant folder inside the repository.
Create an Application
When you signed up for Auth0, you were invited to create a new client.
There are some details about this client that your application needs to know about to properly communicate with Auth0. These include your Client ID, Domain, and Client Secret. You can retrieve these values from the settings area for your client in the Auth0 dashboard.
Please note that if you download the samples available for this tutorial, these keys will be pre-populated for you. If you have created more than one client in your account, the sample will come with the values for your Default App.
Configure Callback URLs
The Callback URL of your application is the URL where Auth0 will redirect to after the user has authenticated in order for the OpenID Connect middleware to complete the authentication process.
You will need to add this URL to the list of Allowed URLs for your application. The Callback URL for the seed project is
http://localhost:60856/signin-auth0 if you use IIS Express, or
http://localhost:5000/signin-auth0 if you use Kestrel, so be sure to add this to the Allowed Callback URLs section of your application.
If you deploy your application to a different URL you will also need to ensure to add that URL to the Allowed Callback URLs. For ASP.NET Core this URL will take the format
Configure JSON Web Token Signature Algorithm
The ASP.NET Core OpenID Connect (OIDC) middleware which will be used to authenticate the user, requires that the JSON Web Token (JWT) be signed with an asymmetric key. To configure this go to the settings for your application in the Auth0 Dashboard, scroll down and click on Show Advanced Settings. Go to the OAuth tab and set the JsonWebToken Signature Algorithm to RS256.
Save your changes.
To integrate Auth0 with ASP.NET Core you will use the Cookie and OpenID Connect (OIDC) Middleware. Add the
Microsoft.AspNetCore.Authentication.OpenIdConnect packages to your application.
Install-Package Microsoft.AspNetCore.Authentication.Cookies Install-Package Microsoft.AspNetCore.Authentication.OpenIdConnect
Please continue with the Login tutorial for instruction on how to implement basic login.