C# native app with Authorization Code Grant questions

I’m building a C# application which I want to access the APIs for Openshift. From my investigations I believe I should be using the Authorization Code Grant (PKCE).

I’m confused whether I should be using the Auth0.AuthenticationAPI v3, Auth0.AuthenticationAPI v4, or the Auth0.OidcClient (notifying @jerrie1 as I saw you wrote this :)), or perhaps even just the .NET RestClient.

Auth0.AuthenticationAPI was upgraded from v3 to v4 to make it compatible with OIDC, however Auth0.OidcClient seems to be explicitly about building an OIDC client. Which should be preferred for new projects?

Is it even possible to execute an Authorization Code Grant (PKCE) using the Auth0.OidcClient? When using this client the access_token I receive back appears to be a JWT - should this be what is sent to the API?

Thanks, Mark

If you want to use PKCE you can use the Auth0 OIDC Client.

If you’re using UWP, please look at this quickstart:

And for Windows Forms or WPF, you can look at this one:

To obtain an access_token which you can pass as authorization when calling your APIs, you need to pass the audience for your API when calling LoginAsync. See API Authorization

Great, thanks for the info @jerrie1. I still haven’t managed to authenticate correctly with the openshift api, but that might be misconfiguration on the resource server side. Will look into it further this evening. At least I know that the recommended client api is the Auth0.Oidc one now.

Might I suggest that you change the link on the WPF/Winforms quickstart page from Auth0 OIDC Client to Authentication. With the former you don’t see the document navigation page elements, hence I never saw the link to the advanced page.

Hi, When I call the LoginAsync method with the audience set the login fails with “access_denied”. This is even before I have a chance to provide my credentials.

I’m using a native client type, OIDC conformant.

Any ideas gratefully received. I’m finding the documentation pretty confusing tbh.

Sure. I will change the link to the Documentation section (Auth0 OIDC Client).

Go to the Auth0 Dashboard and click on Logs. Does that give you any more information?

Alternatively, can you perhaps look at the network traffic with Fiddler and see whether the HTTP call that fails gives you any more details for the response coming back from Auth0?

Oh dear, what a numpty I am - I had a typo between the name of the service in the management console and my code. It’s odd though, I’m pretty sure I clicked on the Logs tab last night, and it was just a blank page. Perhaps I was just being impatient :wink:

I have hopefully just one more question if you could permit me…

The “Authorization Bearer xxx” token that gets used when logging in with the openshift webconsole looks a bit like this: fdas3JzMf62BizlJdIhrsyJN7q-4h9LmbEFvcjPHKg4

However the JWT that comes back from Auth0 is much longer of course - and fails to authorize with the openshift REST API. The openshift documentation states “Using an OpenID Connect identity provider requires users to get a token using /oauth/token/request to use with command-line tools.”. Do you think this is what I need to do to exchange the JWT for a Bearer xxx token? Thanks agai

https://docs.openshift.com/enterprise/3.0/admin_guide/configuring_authentication.html#OpenID

Aah OK. Sorry, I thought OpenShift was your own application.

The access_token being returned by Auth0 cannot be used against external Identity Providers. That access_token can only be used against your own APIs.

We do however store the Identity Provider tokens, and you can retrieve them to call the OpenShift API.

For more information on how to do that please see this document:

For calling the Auth0 Management API from your C# application, you can use the Auth0.NET SDK (specifically the SDK for the Management API):
Documentation
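A token is only usable at the API it was issued for, and a client can check this before sending it by looking at whether the token is a JWT and which issuer (`iss`) and audience (`aud`) it names. The following is an added example, not code from this thread or from the Auth0 SDK; the sample tokens, URLs and the `TokenInspector` name are constructed, and the payload is decoded without verifying the signature, so it is for diagnosis only.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

static class TokenInspector   // hypothetical helper name
{
    // Base64url (RFC 7515) to bytes: restore the standard alphabet and padding.
    static byte[] FromBase64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    static string ToBase64Url(string json) => Convert.ToBase64String(
        Encoding.UTF8.GetBytes(json)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Returns issuer and audiences for a JWT, or null for an opaque token.
    // The signature is NOT verified; the receiving API must do that itself.
    public static (string Issuer, List<string> Audiences)? Describe(string token)
    {
        var parts = token.Split('.');
        if (parts.Length != 3) return null;              // not header.payload.signature
        try
        {
            using var doc = JsonDocument.Parse(FromBase64Url(parts[1]));
            var root = doc.RootElement;
            if (root.ValueKind != JsonValueKind.Object) return null;
            var iss = root.TryGetProperty("iss", out var i) ? i.GetString() : null;
            var aud = new List<string>();
            if (root.TryGetProperty("aud", out var a))   // "aud" is a string or an array
                aud = a.ValueKind == JsonValueKind.Array
                    ? a.EnumerateArray().Select(e => e.GetString()).ToList()
                    : new List<string> { a.GetString() };
            return (iss, aud);
        }
        catch (Exception e) when (e is FormatException || e is JsonException
                                  || e is InvalidOperationException) { return null; }
    }

    static void Main()
    {
        // Constructed samples: a JWT-shaped token with a dummy signature, and an opaque token.
        var jwt = ToBase64Url("{\"alg\":\"RS256\",\"typ\":\"JWT\"}") + "." + ToBase64Url(
            "{\"iss\":\"https://tenant.example/\",\"aud\":\"https://my-api.example/\"}") + ".sig";
        foreach (var token in new[] { jwt, "constructed-opaque-token" })
            Console.WriteLine(Describe(token) is var (iss, aud)
                ? $"JWT issued by {iss} for audience {string.Join(", ", aud)}"
                : "opaque token: only the server that issued it can interpret it");
    }
}
```

If the audience printed is not the API being called, that API is expected to reject the token regardless of whether the login itself succeeded.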

Ah, hmm… maybe I’m going about things the wrong way after all. The OpenShift identity provider is controlled and configured by me (it’s my own installation of the open source project), but I guess the OpenShift APIs need to receive a token issued by the OpenShift OAuth server. It’s all quite confusing unless you’re building a web client (where the OpenID Connect integration works out of the box with Auth0). More reading and research required…