I am new to Auth0, and this may seem like a bad question but I am having trouble figuring out how to use Auth0 to log into an application that I am creating for a client. My App is a .NET Web API application that uses Angular JS on the front end. I want to use my Web API to handle the authentication, but I am experience problems. I watched a course on pluralsight about using Auth0 and the other technologies but it seems outdated. Ive also taken a look at the docs for using Auth0 and ASP.NET Web API (Owin) but they have further confused me. The goal that I want to reach is sending a username, and password to the Auth0 server and recieving an access_token and an id_token that my application will recognize. Can someone point me somewhere or explain to me exactly how I can do this?
Here are the high-level steps to achieve what you described:
- Create and configure the AngularJS front-end as a client application in the Clients section of the Dashboard; set it’s client type to SPA.
- Create and configure the .NET Web API as an API in the APIs section of the Dashboard.
- Integrate Auth0 into the API by following the available quickstart; you mention OWIN so I’m referring to that one. This step is all about setting the API in such way that will authorize requests by validating an access token that was issued through your Auth0 tenant.
- Integrate Auth0 into the client application by using Auth0.js; you can follow the available quickstart (I’m assuming Angular latest).
Having done the above and configured the client application to perform an API authorization (aka passing the appropriate value in the
audience parameter) request then the client application will be able to obtain an access token suitable to call the API. By default that access token will include the user identifier so that the API is able to know the end-user associated with the call. If you need additional information, you can consider using custom claims.
Thank you for the answer. One last thing, I currently do not want to use the Hosted login page for logging into my application. What API endpoint do I call with my username and password so that I can recieve a access_token, and id_token from my response?
The recommendation is the hosted login page, but if you configure your client to make use of the appropriate grant types then you can consider calling Auth0.js
client.login method to achieve that.