Add login to your ASP.NET Owin application

Auth0 allows you to quickly add authentication and gain access to user profile information in your application. This guide demonstrates how to integrate Auth0 with any new or existing ASP.NET OWIN application using the Microsoft.Owin.Security.OpenIdConnect Nuget package.

To use Auth0 services, you’ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you will configure how you want authentication to work for the project you are developing.

Configure an application

Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.

Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.

If you would rather explore a complete configuration, you can view a sample application instead.

Configure Callback URLs

A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.

Configure Logout URLs

A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.

Install from Nuget

To integrate Auth0 with ASP.NET OWIN, you can use the Microsoft.Owin.Security.OpenIdConnect and Microsoft.Owin.Security.Cookies Nuget packages.

Install-Package Microsoft.Owin.Security.OpenIdConnect
Install-Package Microsoft.Owin.Security.Cookies

Configure the credentials

For the SDK to function properly, set the following properties in Web.config:

  • auth0:Domain: The domain of your Auth0 tenant. You can find this in the Auth0 Dashboard under your application's Settings in the Domain field. If you are using a custom domain, set this to the value of your custom domain instead.
  • auth0:ClientId: The ID of the Auth0 application you created in Auth0 Dashboard. You can find this in the Auth0 Dashboard under your application's Settings in the Client ID field.

To enable authentication in your ASP.NET OWIN application, go to the Configuration method of your Startup class and configure the cookie and OIDC middleware.

It is essential that you register both the cookie middleware and the OpenID Connect middleware as both are required (in that order) for authentication to work. The OpenID Connect middleware handles the authentication with Auth0. Once users have authenticated, their identity is stored in the cookie middleware.

In the code snippet, AuthenticationType is set to Auth0. Use AuthenticationType in the next section to challenge the OpenID Connect middleware and start the authentication flow. RedirectToIdentityProvider notification event constructs the correct logout URL.

To allow users to login to your ASP.NET OWIN application, add a Login action to your controller.

Call HttpContext.GetOwinContext().Authentication.Challenge and pass "Auth0" as the authentication scheme. This invokes the OIDC authentication handler that was registered earlier. Be sure to specify the corresponding AuthenticationProperties, including a RedirectUri.

After succesfully calling HttpContext.GetOwinContext().Authentication.Challenge, the user redirects to Auth0 and signed in to both the OIDC middleware and the cookie middleware upon being redirected back to your application. This will allow the users to be authenticated on subsequent requests.

Checkpoint

Now that you have configured Login, run your application to verify that:

  • Navigating to your Login action will redirects to Auth0
  • Entering your credentials will redirect you back to your application.

From your controller's action, call HttpContext.GetOwinContext().Authentication.SignOut with the CookieAuthenticationDefaults.AuthenticationType authentication scheme to log the user out of your application.

Additionaly, if you want to log the user out from Auth0 (this might also log them out of other applications that rely on Single Sign-On), call HttpContext.GetOwinContext().Authentication.SignOut with the "Auth0" authentication scheme.

Checkpoint

Now that you have configured Logout, run your application to verify that:

  • Navigating to your Logout action ensures the user is logged out.
  • Duing logout, you redirect to Auth0 and instantly redirect back to your own application during log out.

After the middleware successfully retrieves the tokens from Auth0, it extracts the user's information and claims from the ID token and makes them available as ClaimsIdentity. Access the extracted information by using the User property on the controller.

To create a user profile, retrieve a user's name, email address, and profile image from the User and pass it to the view from inside your controller.

Checkpoint

Now that you have set up your action to render the user's profile, run your application to verify that:

  • Navigating to your Profile action after being succesfully logged in, shows the user's profile.

Next Steps

Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.

This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:

  • Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
  • Auth0 Marketplace - Discover integrations you can enable to extend Auth0’s functionality

Did it work?

Any suggestion or typo?

Edit on GitHub
Sign Up

Sign up for an or to your existing account to integrate directly with your own tenant.