Add login to your ASP.NET Owin application
Auth0 allows you to quickly add authentication and gain access to user profile information in your application. This guide demonstrates how to integrate Auth0 with any new or existing ASP.NET OWIN application using the Microsoft.Owin.Security.OpenIdConnect
Nuget package.
To use Auth0 services, you’ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you will configure how you want authentication to work for the project you are developing.
Configure an application
Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.
Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.
If you would rather explore a complete configuration, you can view a sample application instead.
Configure Callback URLs
A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.
Configure Logout URLs
A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.
Install from Nuget
To integrate Auth0 with ASP.NET OWIN, you can use the Microsoft.Owin.Security.OpenIdConnect
and Microsoft.Owin.Security.Cookies
Nuget packages.
Install-Package Microsoft.Owin.Security.OpenIdConnect
Install-Package Microsoft.Owin.Security.Cookies
Was this helpful?
Configure the credentials
For the SDK to function properly, set the following properties in Web.config
:
auth0:Domain
: The domain of your Auth0 tenant. You can find this in the Auth0 Dashboard under your application's Settings in the Domain field. If you are using a custom domain, set this to the value of your custom domain instead.auth0:ClientId
: The ID of the Auth0 application you created in Auth0 Dashboard. You can find this in the Auth0 Dashboard under your application's Settings in the Client ID field.
To enable authentication in your ASP.NET OWIN application, go to the Configuration
method of your Startup
class and configure the cookie and OIDC middleware.
It is essential that you register both the cookie middleware and the OpenID Connect middleware as both are required (in that order) for authentication to work. The OpenID Connect middleware handles the authentication with Auth0. Once users have authenticated, their identity is stored in the cookie middleware.
In the code snippet, AuthenticationType
is set to Auth0. Use AuthenticationType
in the next section to challenge the OpenID Connect middleware and start the authentication flow. RedirectToIdentityProvider
notification event constructs the correct logout URL.
To allow users to log in to your ASP.NET OWIN application, add a Login
action to your controller.
Call HttpContext.GetOwinContext().Authentication.Challenge
and pass "Auth0"
as the authentication scheme. This invokes the OIDC authentication handler that was registered earlier. Be sure to specify the corresponding AuthenticationProperties
, including a RedirectUri
.
After successfully calling HttpContext.GetOwinContext().Authentication.Challenge
, the user redirects to Auth0 and signed in to both the OIDC middleware and the cookie middleware upon being redirected back to your application. This will allow the users to be authenticated on subsequent requests.
Checkpoint
Now that you have configured Login, run your application to verify that:
- Navigating to your
Login
action will redirect to Auth0 - Entering your credentials will redirect you back to your application.
From your controller's action, call HttpContext.GetOwinContext().Authentication.SignOut
with the CookieAuthenticationDefaults.AuthenticationType
authentication scheme to log the user out of your application.
Additionally, if you want to log the user out from Auth0 (this might also log them out of other applications that rely on Single Sign-On), call HttpContext.GetOwinContext().Authentication.SignOut
with the "Auth0"
authentication scheme.
Checkpoint
Now that you have configured Logout, run your application to verify that:
- Navigating to your
Logout
action ensures the user is logged out. - During logout, you redirect to Auth0 and instantly redirect back to your application during log out.
After the middleware successfully retrieves the tokens from Auth0, it extracts the user's information and claims from the ID token and makes them available as ClaimsIdentity
. Access the extracted information by using the User
property on the controller.
To create a user profile, retrieve a user's name, email address, and profile image from the User
and pass it to the view from inside your controller.
Checkpoint
Now that you have set up your action to render the user's profile, run your application to verify that:
- Navigating to your
Profile
action after being successfully logged in, shows the user's profile.
Next Steps
Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.
This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:
- Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
- Auth0 Marketplace - Discover integrations you can enable to extend Auth0’s functionality
Sign up for an or to your existing account to integrate directly with your own tenant.