Auth0 configuration for Web API core 2.0

Help
,
1

Hi,

Microsoft have changed the way they configure a Web API in core 2.0 but the Auth0 documentation is for core 1.0. Does anyone have an example of how it should be done in core 2.0 with an asymetric key?

I assume it is something like this

services.AddAuthentication()
            .AddJwtBearer(cfg =>
            {
                cfg.RequireHttpsMetadata = false;
                cfg.SaveToken = true;

                cfg.TokenValidationParameters = new TokenValidationParameters()
                {
                    ValidIssuer = $"https://{Configuration"Auth0:Domain"]}/",
                    ValidAudience = Configuration"Auth0:ClientId"],
                    IssuerSigningKey = IssuerSigningKey = new AsymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration"AppSettings:Auth0ApiToken"]))
                };

            });

Thanks.

2

Our Quickstart shows the correct way for ASP.NET Core 2.0:
Auth0 ASP.NET Core Web API SDK Quickstarts: Authorization

If you’re starting a new project from scratch, you can also give our new .NET Core templates a spin:
https://github.com/auth0-community/auth0-dotnet-templates

3

It still doesn’t specify how to add the API audience to the mvc app to allow access in behalf of the user…
Help please?

4

Yes, because the MVC app and the API are 2 different things. Your question was related to the API.

If you want to know how to specify the audience in the MVC app, please have a look at this section of the MVC quickstart:
https://auth0.com/docs/quickstart/webapp/aspnet-core/v2/01-login#obtaining-an-access-token-for-calling-an-api