Configure Applications with OIDC Discovery

You can configure applications with the OpenID Connect (OIDC) discovery documents found here:

https://{yourDomain}/.well-known/openid-configuration

For example, this is how to configure OIDC middleware for Katana v3 (OWIN):

1. Install the nuget package: Microsoft.Owin.Security.OpenIdConnect (v3.x.x)

2. Go to App_Start\Startup.Auth.cs and replace your implementation with the following:

   Log in

   to configure this snippet with your account

   app.UseCookieAuthentication(new CookieAuthenticationOptions
         {
       AuthenticationType = CookieAuthenticationDefaults.AuthenticationType
         });
   
         app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
         {
       Authority = "https://{yourDomain}/",
       ClientId = "{yourClientId}",
       SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
       ResponseType = "token",
       Notifications = new OpenIdConnectAuthenticationNotifications
       {
     // OPTIONAL: you can read/modify the claims that are populated based on the JWT
     SecurityTokenValidated = context =>
     {
       // add Auth0 Access Token as claim
       var accessToken = context.ProtocolMessage.AccessToken;
       if (!string.IsNullOrEmpty(accessToken))
       {
         context.AuthenticationTicket.Identity.AddClaim(new Claim("access_token", accessToken));
       }
   
       return Task.FromResult(0);
     }
   }
         });

   Was this helpful?

   Yes /No

The OIDC middleware does not support JWTs signed with symmetric keys. Make sure you configure your app to use the RSA algorithm using public/private keys.

1. Go to Dashboard > Settings.

2. Click Show Advanced Settings.

3. Set RS256 as JsonWebToken Token Signature Algorithm and click Save.

With this setting, Auth0 will issue JWTs signed with your private signing key. Your app will verify them with your public signing key.