ASP.NET Core Storing Tokens

Version: v2.0

Sample Project

Download a sample project specific to this tutorial configured with your Auth0 API Keys.

System Requirements
  • .NET Core SDK 2.0
  • .NET Core 2.0
  • ASP.NET Core 2.0
Show requirements

The OIDC middleware in ASP.NET Core will automatically Decode the ID Token returned from Auth0 and will automatically add the claims contained in the ID Token as claims on the ClaimsIdentity.

This means that inside any of the actions in your controllers you can simply use User.Claims.FirstOrDefault("<claim type>").Value to obtain the value of a particular claim.

The seed project contains a controller action and view which will display the claims associated with a particular user. Once a user has signed in, you can simply go to /Account/Claims to see these claims.

Storing the Tokens

Sometimes you may want to access the tokens received from Auth0. For example, you may want to get the access_token to authenticate against API calls. In order to do this, you will need to set the SaveTokens property to true when calling AddOpenIdConnect. This will save the tokens to the AuthenticationProperties:

// Startup.cs

public void ConfigureServices(IServiceCollection services)
    // Add authentication services
    services.AddAuthentication(options => {
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    .AddOpenIdConnect("Auth0", options => {
        // ...

        // Saves tokens to the AuthenticationProperties
        options.SaveTokens = true;

        options.Events = new OpenIdConnectEvents
            // handle the logout redirection 
            OnRedirectToIdentityProviderForSignOut = (context) =>

To subsequently retrieve any of the tokens you can call GetTokenAsync:

// Inside one of your controller actions

if (User.Identity.IsAuthenticated)
    string accessToken = await HttpContext.GetTokenAsync("access_token");
    string idToken = await HttpContext.GetTokenAsync("id_token");

    // Now you can use them. For more info on when and how to use the 
    // access_token and id_token, see
Previous Tutorial
2. Login
Next Tutorial
4. User Profile
Use Auth0 for FREECreate free Account