- This is a simple
ASP.NET Web API .NET6application to test out auth0 - n.b. there is an associated React application that can call this Web Api; it can be found at: https://github.com/johnmchale/callapiwithbearertoken
- It is the default
ASP.NET Web API .NET6project using the WeatherForecast controller to return random weather forecasts - However, the WeatherForecast controller is protected using auth0
- To try out the repo, you will need to sign up to auth0 and create a API application, then enter your tenant ID in the appsettings.json file
- Enter a name for your application and an identifier (in this case, I used the URL of the running application) and hit Create
- Now, you need to enter your tenant ID in the Domain part of the appsettings.json. The tenant ID can be obtained from the home screeen
- n.b. you need to append .us.auth0.com to the tenant ID (e.g. dev-x999aaaa.us.auth0.com ). The audience will be the identifier you used above
"Auth0": {
"Domain": "dev-x999aaaa.us.auth0.com",
"Audience": "https://localhost:7028/"
}- To try out the authorization, you can use Postman. Firstly, we'll use Postman to obtain a token. You need details from auth0 to get the token
- (i.e. client_id, client_secret, audience and grant_type). These can be obtained in auth0 using:
- Then feed the values into Postman n.b. the URL will include your tenant ID as shown above
- Now you can test the application with the token (i.e. copy/paste the token above into a GET request on the WeatherForecast controller...)
- You can try with and without a token (without token = '401 Unauthorized', with token = '200 Successful')
- You can also test out the application using the Swagger page (remember to enter the token by hitting the 'Authorize' button
- The token must be prefixed with the word 'bearer' and a space
