Auth0 Authentication for .Net Core Web API

4.4k views Asked by At

I have a web API created in .net core 1.1. I have used Auth0 to Authenticate it with social logins. The client type chosen is “API’s BETA”. I have another web application created in .net core 1.1 which is using Another Auth0 [ Regular Web Application] to Authenticate social logins.

Is this possible to use the access token created by the web application to be passed as Authorization header and get access to the web api methods?

Thanks, Sendhil

1

There are 1 answers

3
Matias Quaranta On BEST ANSWER

I wrote a post on Auth0 regarding API authentication with JWT tokens on ASP.NET Core and how to create clients using Autorest.

The post has a public GitHub repo with the whole scenario (Web app + API) available.

Basically, you pass along the JWT token and validate it on the API with this on your Startup.cs:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{

/*Enabling swagger file*/

app.UseSwagger();

/*Enabling Swagger ui, consider doing it on Development env only*/

app.UseSwaggerUi();

/*It's important that this is AFTER app.UseSwagger or the swagger.json file would be innaccesible*/

var options = new JwtBearerOptions

{

    Audience = Configuration["auth0:clientId"],

    Authority = $"https://{Configuration["auth0:domain"]}/"

};

app.UseJwtBearerAuthentication(options);

/*Normal MVC mappings*/

app.UseMvc();

}