ASP.NET Core: Introduction
This tutorial and seed project have been tested with the following:
- .NET Core SDK 2.0
- .NET Core 2.0
- ASP.NET Core 2.0
To complete this tutorial, you can use command line tools and any code editor. Alternatively, you can use Microsoft Visual Studio 2017 Update 3. For more details on how to use .NET Core on your platform, read the .NET Core documentation.
This quickstart guide walks you through integrating Auth0 into your ASP.NET Core MVC application.
If you want to follow along with this quickstart guide, you can download the seed project. The sample contains an ASP.NET MVC application with a home page and some NuGet packages. It also contains an
appSettings.json file, where you can configure the Auth0-related settings for your application.
To see what the project looks like after each step, check the Quickstart folder in the ASP.NET Core MVC Samples repository.
Get Your Application Keys
When you signed up for Auth0, you created a new client.
Your application needs some details about this client to communicate with Auth0. You can get these details from the Settings section for your client in the Auth0 dashboard.
You need the following information:
- Client ID
Configure Callback URLs
The Callback URL of your application is the URL where Auth0 will redirect to after the user has authenticated in order for the OpenID Connect middleware to complete the authentication process.
You will need to add this URL to the list of Allowed URLs for your application. The Callback URL for the seed project is
http://localhost:60856/signin-auth0 if you use IIS Express, or
http://localhost:5000/signin-auth0 if you use Kestrel, so be sure to add this to the Allowed Callback URLs section of your application.
If you deploy your application to a different URL you will also need to ensure to add that URL to the Allowed Callback URLs. For ASP.NET Core this URL will take the format
Configure JSON Web Token Signature Algorithm
The ASP.NET Core OpenID Connect (OIDC) middleware which will be used to authenticate the user, requires that the JSON Web Token (JWT) be signed with an asymmetric key. To configure this go to the settings for your application in the Auth0 Dashboard, scroll down and click on Show Advanced Settings. Go to the OAuth tab and set the JsonWebToken Signature Algorithm to RS256.
Save your changes.
To integrate Auth0 with ASP.NET Core you will use the Cookie and OpenID Connect (OIDC) authentication handlers. The seed project already references the ASP.NET Core metapackage (
Microsoft.AspNetCore.All) which includes all NuGet packages shipped by Microsoft as part of ASP.NET Core 2.0, including the packages for the Cookie and OIDC authentication handlers.
If you are adding this to your own existing project, and you have note referenced the metapackage, then please make sure that you add the
Microsoft.AspNetCore.Authentication.OpenIdConnect packages to your application.
Install-Package Microsoft.AspNetCore.Authentication.Cookies Install-Package Microsoft.AspNetCore.Authentication.OpenIdConnect