Auth0 allows you to quickly add authentication and gain access to user profile information in your application. This guide demonstrates how to integrate Auth0 with any new or existing ASP.NET MVC application using the Auth0.AspNetCore.Authentication SDK.
Create a new application or select an existing application to integrate with. You can also create and manage your applications in the Dashboard at Dashboard > Applications > Applications.
If you are logged in configuring your settings in the quickstart will automatically update your settings in the dashboard.
A callback URL is a URL in your application where Auth0 redirects the user after they have authenticated. If not set, users won't have a place to be redirected to after logging in.
A logout URL is a URL in your application that Auth0 can return to after the user has been logged out of the authorization server. This is specified in the returnTo query parameter. If this field is not set, users will be unable to log out from the application and will get an error.
To integrate Auth0 with ASP.NET Core you can use our SDK by installing the Auth0.AspNetCore.Authentication
Nuget package to your application.
Install-Package Auth0.AspNetCore.Authentication
To enable authentication in your ASP.NET Core application, use the middleware provided by the SDK. Go to the ConfigureServices
method of your Startup
class and call services.AddAuth0WebAppAuthentication()
to register the SDK's middleware.
Ensure to configure the Domain
and ClientId
, these are required fields to ensure the SDK knows which Auth0 tenant and application it should use.
Make sure you have enabled authentication and authorization in your Startup.Configure
method.
To allow users to login to your ASP.NET MVC application, add a Login
action to your controller.
Call HttpContext.ChallengeAsync()
and pass Auth0Constants.AuthenticationScheme
as the authentication scheme. This will invoke the OIDC authentication handler that our SDK registers internally. Be sure to also specify the corresponding authenticationProperties
, which you can construct using the LoginAuthenticationPropertiesBuilder
.
After succesfully calling HttpContext.ChallengeAsync()
, the user will be redirected to Auth0 and signed in to both the OIDC middleware and the cookie middleware upon being redirected back to your application. This will allow the users to be authenticated on subsequent requests.
Now that you have configured Login, run your application to verify that:
Login
action will redirect to Auth0After the middleware has successfully retrieved the tokens from Auth0, it will extract the user's information and claims from the ID Token and makes them available as the User.Claims
property on the controller.
You can create a custom user profile page for displaying a user's name, email address, and profile image, by retrieving the corresponding information from the User
and pass it to the view from inside your controller.
Now that you have set up your action to render the user's profile, run your application to verify that:
Profile
action after being succesfully logged in, shows the user's profile.Logging out the user from your own application can be done by calling HttpContext.SignOutAsync
with the CookieAuthenticationDefaults.AuthenticationScheme
authentication scheme from inside your controller's action.
Additionaly, If you also want to log the user out from Auth0 (this might also log them out of other applications that rely on Single Sign On), call HttpContext.SignOutAsync
with the Auth0Constants.AuthenticationScheme
authentication scheme as well as the appropriate authenticationProperties
that can be constructed using the LogoutAuthenticationPropertiesBuilder
.
Now that you have configured Logout, run your application to verify that:
Logout
action will ensure the user is logged out.Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.
This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:
Sign up for an or to your existing account to integrate directly with your own tenant.