ASP.NET Web API Tutorial

Download a sample project.

Otherwise, please follow the steps below to configure your existing ASP.NET Web API app to use it with Auth0.

1. Install the WebApi.JsonWebToken & Auth0-ASPNET packages

You can either run the following commands or install them via Package Manager.

Install-Package WebApi.JsonWebToken
Install-Package Auth0-ASPNET

2. Configure the JsonWebToken message handler

Open the WebApiConfig.cs file located in the App_Start folder and add the following using statements:

using System.Web.Configuration;

Remember to replace the placeholder for your project name in the first using statement.

Add the following code snippet inside the Register method.

var clientID = WebConfigurationManager.AppSettings["auth0:ClientId"];
var clientSecret = WebConfigurationManager.AppSettings["auth0:ClientSecret"];

config.MessageHandlers.Add(new JsonWebTokenValidationHandler()
    Audience = clientID,
    SymmetricKey = clientSecret

3. Update the web.config file with your app's credentials

Open the Web.config file located at the project's root.

Locate the following entries inside the <appSettings> section.

<add key="auth0:ClientId" value="YOUR_CLIENT_ID" />
<add key="auth0:ClientSecret" value="YOUR_CLIENT_SECRET" />

Set the respective values.

4. Securing your API

All you need to do now is add the [System.Web.Http.Authorize] attribute to the controllers/actions for which you want to verify that users are authenticated.

5. You're done!

Now you have both your FrontEnd and Backend configured to use Auth0. Congrats, you're awesome!

Optional Steps

Configuring CORS

One of the requirements is package Microsoft.AspNet.WebApi.Cors. You can use the following command from VS2013 Package Manager Console:

Install-Package Microsoft.AspNet.WebApi.Cors

For more details, you can follow this article to configure CORS in your application.

Try Auth0 for FREECreate free Account