Token authentication for multiple Auth0 domain

rmok · December 31, 2018, 12:58pm

I have 2 Auth0 accounts which generating the jwt token when client login from either of the account. I already know how to authenticate the token in my Web API for 1 domain and it is working fine. I want to know how to authenticate for 2 Auth0 domains. Right now it is authenticating all the users on tldev111.auth0.com domain and i want to authenticate users on tldev123.auth0.com domain too

Startup.cs–

public void Configuration(IAppBuilder app)
    {
        var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/";
        var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"];

        var keyResolver = new OpenIdConnectSigningKeyResolver(domain);
        app.UseJwtBearerAuthentication(
            new JwtBearerAuthenticationOptions
            {
                AuthenticationMode = AuthenticationMode.Active,
                TokenValidationParameters = new TokenValidationParameters()
                {
                    ValidAudience = apiIdentifier,
                    ValidIssuer = domain,
                    IssuerSigningKeyResolver = (token, securityToken, kid, parameters) => keyResolver.GetSigningKey(kid)
                }
            });

        // Configure Web API
        WebApiConfig.Configure(app);
    }

WebApiConfig -

public static void Configure(IAppBuilder app)
    {
        HttpConfiguration config = new HttpConfiguration();

        // Web API routes
        config.MapHttpAttributeRoutes();
        config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{controller}/{id}",
            defaults: new { id = RouteParameter.Optional });

        app.UseWebApi(config);
    }

web.config app settings–

<appSettings>
<add key="Auth0Domain" value="tldev111.auth0.com" />
<add key="Auth0ApiIdentifier" value="https://aaa/SRTAPI/api" />

nicolas_sabena · December 31, 2018, 2:22pm

Take a look at https://github.com/auth0-samples/auth0-aspnetcore-webapi-samples/tree/master/Samples/multiple-issuer for a sample with a custom MultipleIssuerSigningKeyResolver.

The readme.md file shows how to initialize the JWT middleware with more than one issuer (Auth0 domain).

rmok · January 17, 2019, 4:08pm

Thank you. That helped.

James.Morrison · January 31, 2019, 8:08pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
WebAPI validate token for different cliend Ids Help jwt , api	6	4918	March 2, 2018
Two Auth0 Applications, different JWT tokens, how to authenticate with each other? Help	2	3226	September 4, 2019
SPA using token to call another API Help token , jwt , api , spa	11	5626	March 2, 2018
Best practices for authenticating API requests from domains you don't control Help jwt , oidc , multi-tenant , api-authorization	5	5166	August 29, 2019
Getting user token to access domain APIs Help jwt , custom-claims , user	4	3792	August 28, 2019

Token authentication for multiple Auth0 domain

Related Topics