Auth0 allows you to quickly add authentication and gain access to user profile information in your application.
This guide demonstrates how to integrate Auth0 with any new or existing ASP.NET MVC application using the
Auth0.AspNetCore.Authentication SDK.
1
Configure Auth0
To use Auth0 services, you’ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is
where you will configure how you want authentication to work for the project you are developing.
Configure an application
Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.If you would rather explore a complete configuration, you can view a sample application instead.Configure Callback URLs
A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.If you are following along with our sample project, set this to
http://localhost:3000/callback.Configure Logout URLs
A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.If you are following along with our sample project, set this to
http://localhost:3000.2
Install and Configure the SDK
Install from Nuget
To integrate Auth0 with ASP.NET Core you can use our SDK by installing theAuth0.AspNetCore.Authentication Nuget package to your application.Configure the middleware
To enable authentication in your ASP.NET Core application, use the middleware provided by the SDK. Go to theProgram.cs file and call builder.Services.AddAuth0WebAppAuthentication() to register the
SDK’s middleware.Ensure to configure the Domain and ClientId, these are required fields to ensure the
SDK knows which Auth0 tenant and application it should use.Make sure you have enabled authentication and authorization in your Program.cs file.3
Login
To allow users to login to your ASP.NET MVC application, add a
Login action to your controller.Call HttpContext.ChallengeAsync() and pass Auth0Constants.AuthenticationScheme as the
authentication scheme. This will invoke the OIDC authentication handler that our SDK registers internally. Be sure
to also specify the corresponding authenticationProperties, which you can construct using the
LoginAuthenticationPropertiesBuilder.After succesfully calling HttpContext.ChallengeAsync(), the user will be redirected to Auth0 and
signed in to both the OIDC middleware and the cookie middleware upon being redirected back to your application.
This will allow the users to be authenticated on subsequent requests.Checkpoint
Now that you have configured Login, run your application to verify that:- Navigating to your
Loginaction will redirect to Auth0 - Entering your credentials will redirect you back to your application.
4
Display User Profile
After the middleware has successfully retrieved the tokens from Auth0, it will extract the user’s information and
claims from the ID Token and makes them available as the
User.Claims property on the controller.You can create a custom user profile page for displaying a user’s name, email address, and profile image, by
retrieving the corresponding information from the User and pass it to the view from inside your
controller.Checkpoint
Now that you have set up your action to render the user’s profile, run your application to verify that:- Navigating to your
Profileaction after being succesfully logged in, shows the user’s profile.
5
Logout
Logging out the user from your own application can be done by calling
HttpContext.SignOutAsync with
the CookieAuthenticationDefaults.AuthenticationScheme authentication scheme from inside your
controller’s action.Additionally, If you also want to log the user out from Auth0 (this might also log them out of other applications
that rely on Single Sign On), call HttpContext.SignOutAsync with the
Auth0Constants.AuthenticationScheme authentication scheme as well as the appropriate
authenticationProperties that can be constructed using the
LogoutAuthenticationPropertiesBuilder.Checkpoint
Now that you have configured Logout, run your application to verify that:- Navigating to your
Logoutaction will ensure the user is logged out. - When also logging out from Auth0, you should be redirected to Auth0 and instantly redirected back to your own application.
Next Steps
Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:- Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
- auth0-aspnetcore-authentication SDK - Explore the SDK used in this tutorial more fully
- Auth0 Marketplace - Discover integrations you can enable to extend Auth0’s functionality