Auth0 Home Blog Docs

SSO between a .NET Core 2.0 MVC and Angular application

sso-integration

#1

We have been using Auth0 for Authentication purpose. We need support from Auth0 on our implementation with SSO.

Currently we have two applications using Auth0

  1. SPA (Angular)

  2. Regular Application (.NET Core 2.0 MVC)

  3. SPA is storing in local storage

  4. Regular application is cookie based

both are using Auth0 for authentication. They are all sharing the users.

As a new requirement, we want the user to be logged in both the applications, even if he signs on in any one of the app.

  1. SCENARIO 1: sign in to .NET app, angular app gets signed in automatically
  2. SCENARIO 2: sign in to angular app, .NET app gets signed in automatically
    We went with the SSO approach to achieve the above mentioned scenario.

Configurations on Auth0 side was configured:-

  1. Use Auth0 instead of the IdP to do Single Sign On – By default turned on
  2. Token Endpoint Authentication Method: POST
  3. Allowed Callback URLs, Allowed Web Origins, Allowed Logout URLs – configured based on application needs.
  4. Custom login page is used.

SCENARIO 1: sign in to .NET app, angular app gets signed in automatically

It works fine for this scenario, once we are logged into the regular Web application (.NET Core 2.0 MVC), try to login to the angular web application.
The angular application logs in automatically.
This is achieved by checkSession from the auth0 library for angular application. Following is the code in Angular side. By referring to https://auth0.com/docs/sso/current/single-page-apps

the following code is from the .NET Core 2.0 startup class

By referring to the following links


https://auth0.com/docs/architecture-scenarios/web-app-sso - this article has the code snippet, but this is in .NET core 2.0. Using this https://docs.microsoft.com/en-us/aspnet/core/migration/1x-to-2x/?view=aspnetcore-2.1 the code was migrated to .net core 2.0

SCENARIO 2: sign in to angular app, .NET app gets signed in automatically

The other way, using the same code, (.NET application to Angular application is not achievable).
Would like to know if the approach is correct. Precisely, how can we achieve this ? Need some help to achieve it.

Your help will be appreciated.

Thanks,
Ishwarya