Setting up ASP.NET Core Web App - ob1dev/Auth0 GitHub Wiki
Now you need to create the Web App (blue box) and wire it up with Auth0 (orange box).
Step 1: Create ASP.NET Core 2.1 Web Application
In Visual Studio 2017, create a new project ASP.NET Core Web Application using the template Web Application (Model-View-Controller).
For more information see Web App - Init
Step 2: Add Auth0 credentials into Web App settings
Configure the created Web App with Auth0 Application credentials such as Domain, Client ID and Client Secret.
- Domain:
olegburov.auth0.com - Client ID:
vRmDy1JB5sN1j6OqyKP5obij6C4s6BcW - Client Secret:
uhPo80PC1GB3ZJsIzbO61-DDmUjb3W6BNtOZpBeSUmsthosE_9zdrz2GY73OCdTg
For more information see Web App - AppSettings
Step 3: Add Authentication middleware
To restrict access to Web App enable authentication in your ASP.NET Core application using Auth0 Universal Login.
ASP.NET Core Team has done a terrific job. To wire up Auth0 with Web App is so easy. What you need to do is just configure Authentication middleware as a service using the OpenID Connect protocol, and then enable it. That's it!
For more information see Web App - Middleware
Step 4: Add Login feature
Add actions for a user to sing in and sign out using Auth0 through OpenID Connect provider, which has been already configured in the previous step.
For more information see Web App - Login
Step 5: Add Profile feature
Show a user's information based on the data received from Auth0.
For more information see Web App - Profile
Step 6: Add authentication and custom roles
To add authentication based on custom roles are already built-in. What you need to do just tell OpenID Connect middleware where to get roles from the data returned from Auth0.
For more information see Web App - Roles
Summary
You now have a complete Web App that delegates authentication and authorization to Auth0. When a user requests a protected page or ask directly to sign in, the Web App redirects the user to Auth0. Once Auth0 authenticates user and authorize application, it redirects the user back to Web App. At the end of the flow, the Web App gets the ID Token with a set of claims (based on the tokens id_token, profile and email), which have a user related information. In the next tutorial you'll expand the functionality by adding Auth0 API in addition to Auth Application.