Connecting to Auth0 using IdentityModel OpenID Connect


I am trying evaluating Auth0. The following tutorial is straightforward:
and it provides a connection, but using the Auth0.OidcClient library.

Reading about this libary, I see that it uses the IdentityModel OpenID Connect Client Library, and “simply acts as a very thin wrapper arond this library, ensuring that the correct configuration is passed to Auth0”
So I have tried to get an example where I use directly the OidcClient2 library, taking directly the samples for WPF (the type of app I need), here.
However I can’t make this work completely. I have configured it to get the login window, and I see login successful in the logs, but in code I get the error “An item with the same key has already been added.” Trying to debug this, in the Auth0 library example I get a raw response in the form, but in the OIDC “standard” I get something like ?{“strategy”:“auth0”,“auth0Client”:“eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yLjMifQ==”,“tenant”:“sergiotest”,“connection”:“Username-Password-Authentication”,“client_id”:“tXtJcqPZCeOJDuarQPCNJxy00gGDTDTQ”,“response_type”:“code”,“scope”:“openid profile email”,“redirect_uri”:“",“state”:“Rg0ZYxBhVL-NCeLGyJ0mxmn-SyScTpkB”,“nonce”:“ca115f61fdd062f232c845574772dd67”,“sid”:“sVmmeZZiaJ1SHlT_6zkB3GXGdhOo41ON”,“realm”:“Username-Password-Authentication”,“session_user”:"5b15074a3856b417170a0d56”}

Does anyone know what are the options to pass to make work Auth0 with a standard OIDC library?


I have finally made it work. Main important points are:

  • The Browser from the OIDC standard library needs to be changed. I copied the PlatformWebView class from Auth0 library
  • Also, it is important to specify that RequireAccessTokenHash and RequireAuthorizationCodeHash are set to false, as it seems they are in the Auth0 library. These params sit in a Policy Object

The code that make it work the sample is:

            Policy policy = new Policy()
            RequireAccessTokenHash = false,
            RequireAuthorizationCodeHash = false

        var options = new OidcClientOptions()
            Authority = "",
            ClientId = "tXtJcqPZCeOJDuarQPCNJxy00gGDTDTQ",
            Scope = "offline_access openid profile email",  // offline_access yields a refresh_token
            RedirectUri = "",
            ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,  
            Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
            Browser = new PlatformWebView(), 
            Policy = policy