Customizing ASP.NET Authentication with Identity

Want to know how to use the new ASP.NET Identity system to manage access to your web apps and services? Explore the evolution of membership and identity in ASP.NET, and get real-world guidance and best practices on how to implement the newly architected system so you can easily define and manage users.

Thanks for watching

If you liked this post, share it with all of your programming buddies!

Follow us on Facebook | Twitter

Further reading

The Complete ASP.NET MVC 5 Course

Build an app with ASPNET Core and Angular from scratch

Build a REST API with ASP.NET Core 2.2

Build RESTful APIs with ASP.NET Core

Build a CRUD App with ASP.NET Core 2.2 and SQL Server

Building Authenticated Web app with C#, Blazor and ASP.NET Core 3.0

Building Authenticated Web app with C#, Blazor and ASP.NET Core 3.0

Goodbye Javascript! Now, i can Building an Authenticated Web App in C# with Blazor + ASP.NET Core 3.0.

Curious what the experience would be like to trade in Javascript for C# on the front end? You are about to find out!

Table of Contents

  • Build a Basic Website with ASP.NET Core 3.0 + Blazor
  • Add User Authentication your Blazor Web App
  • Set Up Your Okta Account to handle the ASP.NET Core 3.0 Blazor App
  • Configure Your Blazor App to use Okta as the External Auth Provider
  • Add User Login to your Blazor Web App UI
  • Test Okta Registration and Login for Your Blazor App
  • Learn More about ASP.NET Core, Blazor and Authentication

For many years, Javascript (and it’s child frameworks) have had their run of the DOM (Document Object Model) in a browser, and it took having that scripting knowledge to really manipulate client-side UI. About 2 years ago, all of that changed with the introduction of Web Assembly - which allows compiled languages to be interpreted client-side and is fully supported across all browsers now. Microsoft’s answer to this was the creation of Blazor. Allowing C# developers to build their entire stack in .NET, including UI, was an exciting proposition. For some time Blazor has been in preview but is now included as a general release on September 23rd, 2019 along with the next iteration of .NET Core - version 3.0.

In order to build with Blazor and ASP.NET Core 3.0, you need the following prerequisites installed and ready to go:

Build a Basic Website with ASP.NET Core 3.0 + Blazor

Now that you have your dev environment handy, let’s get familiar with what a basic website walkthrough would be like. There are two ways you can utilize this technology: client-side or server-side Blazor. For this example, the server-side option is the best choice for stability, as client-side Blazor is still new and working on the final release. Stay tuned for that implementation!

First, you’ll need to create a Blazor project. To get the latest Blazor project templates to work with Visual Studio or VS Code, simply install them from the command line/terminal from your base repo directory:

dotnet new -i Microsoft.AspNetCore.Blazor.Templates::3.0.0-preview9.19424.4

Visual Studio (16.3 or later) will detect that the templates have been installed and surface them to you without the need for any additional extensions. Now it’s time to scaffold your new project. From your parent directory of code repositories, execute the following command:

dotnet new blazorserver -o OktaBlazorAspNetCoreServerSide

Once it’s been run, open up the OktaBlazorAspNetCoreServerSide folder in Visual Studio Code. Once loaded, if you look in the bottom right-hand corner of the IDE you will see a permission request to add assets to the build. Select Yes.

Now that everything has been loaded up, return to your command line/terminal and run the project.

dotnet run

Launch your browser of choice and navigate to https://localhost:5001. You should see a templated website.

Add User Authentication your Blazor Web App

ASP.NET Core 3.0 has brought along with it some hefty changes to the libraries and dependencies from previous versions of .NET Core. To get started with using an external OAuth provider, like Okta, there is a NuGet package you need to add to the project. Fire up your command line/terminal window in VS Code and add the Okta .NET SDK:

dotnet add package Okta.Sdk --version 1.4.0

In 3.0, ASP.NET Core ships as part of the .NET Core shared framework. The metapackage that was used for 2.x apps is no longer used. The first line of your project file that references the Web SDK is what pulls in the shared assemblies for ASP.NET Core.

For user authentication with OAuth, there is an additional layer of information you will use, called Open ID Connect (OIDC). While much of handling authentication is baked into the new 3.0 framework, OIDC is not included, so you’ll need to add a quick reference to that.

dotnet add package Microsoft.AspNetCore.Authentication.OpenIdConnect --version 3.0.0-preview9.19424.4

Authentication works by redirecting users to the Okta website, where they will log in with their credentials, and then be returned to your site via the URL you will configure in the next section. Add the following code to the very top of your appsettings.json file, inside of the first brackets, and separate it from the rest of the settings by adding a comma after it.

"Okta": {
    "Issuer": "",
    "ClientId": "{yourClientId}",
    "ClientSecret": "{yourClientSecret}"

Your file should look like this:

Just to make sure everything still can run, go ahead and execute dotnet run again.

Set Up Your Okta Account to handle the ASP.NET Core 3.0 Blazor App

Execute the following steps to configure Okta so that users can register themselves for an account.

  1. From the Administrative Dashboard, hover over Users and click Registration
  2. Click Enable Registration
  3. Save the changes

Once you have access to your account you can proceed to the Dashboard using a link like the one below:

On the Dashboard, click Applications in the main menu and on the Application screen, click Add Application. Then select Web and click Next.

On the Create New Application screen, set the following values:

  • Name: OktaBlazorAspNetCoreServerSide

  • Base URIs: https://localhost:5001/

  • Login redirect URIs: https://localhost:5001/authorization-code/callback

Click Done, then click Edit next to General Settings on your newly created Okta app. Edit the following values: Logout redirect URIs: https://localhost:5001/signout-callback-oidc Initiate login URI: https://localhost:5001/authorization-code/callback

Once you’ve saved those values, scroll down and take note of the ClientID and ClientSecret.

ClientId refers to the client ID of the Okta application ClientSecret refers to the client secret of the Okta application Issuer will need the text {yourOktaDomain} replaced with your Okta domain, found at the top-right of the Dashboard page.

You will use your Okta account settings to update those values in the appsettings.json file in your project.

Configure Your Blazor App to use Okta as the External Auth Provider

Great! Now that Okta has been configured and is ready to go, there are a few changes that need to be made to the application startup.

Add these using statements to your Startup.cs file:

using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Tokens;

Replace all the code in the ConfigureServices method with the code below.

public void ConfigureServices(IServiceCollection services)
    services.AddAuthentication(sharedOptions =>
        sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    .AddOpenIdConnect(options =>
        options.ClientId = Configuration["okta:ClientId"];
        options.ClientSecret = Configuration["okta:ClientSecret"];
        options.Authority = Configuration["okta:Issuer"];
        options.CallbackPath = "/authorization-code/callback";
        options.ResponseType = "code";
        options.SaveTokens = true;
        options.UseTokenLifetime = false;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.TokenValidationParameters = new TokenValidationParameters
            NameClaimType = "name"

ASP.NET Core 3.0 has new options to configure the services in this file. UseAuthorization has been newly added to 3.0 project templates.

In the Configure() method of your Startup.cs file add this line just before the app.UseEndpoints() method:


In this example, you'll see there's a new UseEndpoints method in Startup.cs. This is what enables the new endpoint routing system in ASP.NET Core. All 3.0 project templates use that now. Think of this as a more performant routing system.

NOTE: In the context of Blazor apps, endpoint routing is the more holistic way of handling redirects. This is covered here in depth. Also, see this documentation to learn more about it. Endpoint routing shipped in ASP.NET Core 2.2, but it didn't become the default in the templates until 3.0.

Add User Login to your Blazor Web App UI

Time to add some user personalization to this app! Open Shared/MainLayout.razor and add the following HTML right before the About link.

            <a href="Identity/Account/Manage">Hello, @context.User.Identity.Name!</a>
            <a href="Identity/Account/LogOut">Log out</a>
            <a href="Identity/Account/Register">Register</a>
            <a href="Identity/Account/Login">Log in</a>

Using <AuthorizeView> is the easiest way to access authentication data, and is useful when you need to display a user’s name. The <AuthorizeView> component exposes a context variable of type AuthenticationState. In order to add this state to our app, open App.razor and wrap the HTML you see with <CascadingAuthenticationState> tags at the parent level. It should look like this:

    <Router AppAssembly="@typeof(Program).Assembly">
Test Okta Registration and Login for Your Blazor App

That’s it! To test it out, go back to the command line/terminal and execute dotnet run.

Then navigate to http://localhost:5001 in your browser. Click Login and you should be redirected to the Okta Sign-In Page.

Because you configured your Okta org for self-registration, there should be an option at the bottom of the widget to allow users to register for a new account.

Now you have a website with a working login and user registration form. Your website also allows users to recover lost passwords. By repeating these steps you can create a network of tools that your users can access all with the same login.

All of that and not one line of Javascript. The future is looking bright for C#, give it a go with Blazor!

Thank for reading! Originally published on

MVC.Net Web Application Development Services| MVC.Net Expertise | Hire MVC.Net Developers

CMARIX is among leading MVC.Net web application Development Services. We have the inhouse team of MVC.Net expertise to build scalable, standards-based MVC architecture enterprise applications as per your business needs.

CMARIX is among leading MVC.Net web application Development Services. We have the inhouse team of MVC.Net expertise to build scalable, standards-based MVC architecture enterprise applications as per your business needs.

What are some web stacks using .NET for the back end development?

What are some web stacks using .NET for the back end development?

Microsoft has helped web developers develop web applications for a long time. There have been many updates in its framework and even after the release of so many other web development frameworks it has sustained itself in the market. The framework...

Microsoft has helped web developers develop web applications for a long time. There have been many updates in its framework and even after the release of so many other web development frameworks it has sustained itself in the market. The framework was released in the year 2002 and since then there have been many web applications that took its help for creating both front end and back end. With this, the developers can develop not just web-based applications but also form-based applications. Asp .net development services can be used by the developers to develop dynamic web applications that are in trend.

What is Back-End Development?

The back end of a web application is also known as the server-side. Basically, the back end of a web application consists of a server, a database and an application(Web server, Programming Language, Web Framework). All the work like programming the logic for the business, server-side hosting and deployment, working with the database, etc. are the things that are performed by the web developers under the back end development. The enterprises can hire a dot net programmer for the purpose of developing a good web application whose back end will also be strong and secure. A web development company uses many stacks for the purpose of developing a web application whose back end and front end are developed perfectly. The best web development services also use the stacks that the use of Asp .net development services for the purpose of back end development.

Using the .Net web stack:

The developers can use the .Net web stack for the purpose of back end web development too, generally .Net is used in the development of the middle tier of a web application but the web stack can also be used to develop the server-side or the back end. For years .Net has been a framework that has been trusted by many developers because of its rich features, and because its framework is battle-tested. Enterprises can hire a dot net programmer to develop a dynamic and interactive web application. One of the best web stacks in the world, Microsoft’s technology stack uses .Net for its web application development. The .Net stack is can be viewed as a subset of the overflow stack, it is a comprehensive technology stack that can fulfill the demands of the front-end, .Net and the database developers.

.Net stack can be combined with various open-source technologies to develop a wide variety of applications ranging from small scale server-side(Back-end) web apps to big enterprise-level and transaction processing system applications.

The .Net web stack consists of almost 60 frameworks, platforms, SDKs, SOA, IDE’s, Libraries, etc. It is spread over 13 different layers. The stack includes CLI languages like C#, F#, VB.NET, Fantom, etc.

Below are some of the key features of the .Net Web stack:

1. Interoperability

Interoperability means the quality of a system or a language or a framework to exchange and use the information. Interoperability between various platforms is a major advantage of using the .Net technology stack. It enables users to make use of a wide range of complementing features. The web development company that used the .Net tech stack will be benefitted very much because of this feature.

2. Dependence of Languages

With .Net tech stack, the web app developers get the freedom to use any language they prefer. Other stacks do not allow the developers to choose any language they choose, there are some specified languages that have been used by the developers while developing a web application with other stacks.

3. Portable

The stack is compatible with many other frameworks and platforms, which makes the portability of the application being developed very easy. This is one of the most important features of this stack.

4. Secure

Security is one of the most important aspects when any kind of application is developed, especially in the case of a web application, there are many hackers out there who can try to attack and gain control of the developed application. With the use of this stack, the developers can ensure the security of the code and the application that is being developed.

5. Speed

The projects developed through this stack can be completed faster and on time because of its high speed. The developers can ensure timely launches, and satisfaction of the stakeholders. The speed of the framework, the stack and the platform on which the application is being developed to play an important role in the development time and runtime.

There best web development services in the world want a web tech stack that can provide them with the best in class features and the features of the .Net stack look great. With so many benefits there should be no doubts on why .Net Stack should be used for the purpose of the development of web applications.