Recipes

.NET — first integration

2 min read·Updated May 7, 2026

← All recipes · First time? Set up your app (60 seconds — keys + redirect URI)

A minimal ASP.NET Core 10 web app that signs a user in via Authaz Sign-In and uses Authaz.Sdk to call the Management API. Single-tenant, password provider, no roles.

1. What you'll build#

An ASP.NET Core minimal API where / is public, /dashboard is protected by Authaz OIDC login, and a /me/profile endpoint reads the signed-in user from the Management API.

2. Application setup#

In the Authaz Dashboard:

New application → name it, choose Single-tenant.
Note the Client ID and Client Secret.
Under Auth Flow Configuration, add https://localhost:5001/signin-oidc as an allowed callback URL.

using Authaz.Sdk; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.IdentityModel.Protocols.OpenIdConnect; var builder = WebApplication.CreateBuilder(args); var authaz = builder.Configuration.GetSection("Authaz"); builder.Services .AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie() .AddOpenIdConnect(options => { options.Authority = authaz["Authority"]; options.ClientId = authaz["ClientId"]; options.ClientSecret = authaz["ClientSecret"]; options.ResponseType = OpenIdConnectResponseType.Code; options.UsePkce = true; options.SaveTokens = true; options.Scope.Add("openid"); options.Scope.Add("profile"); options.Scope.Add("email"); options.GetClaimsFromUserInfoEndpoint = true; }); builder.Services.AddAuthorization(); // Authaz.Sdk wiring for Management API calls builder.Services.AddTransient<ApiKeyAuthHandler>(); builder.Services .AddHttpClient("ManagementApi", c => c.BaseAddress = new Uri(authaz["ApiBaseUrl"]!)) .AddHttpMessageHandler<ApiKeyAuthHandler>(); builder.Services.AddScoped<ManagementApiClient>(); builder.Services.AddScoped<UsersApiClient>(); builder.Services.Configure<AuthazSdkOptions>(o => o.ApiKey = authaz["ApiKey"]!); var app = builder.Build(); app.UseAuthentication(); app.UseAuthorization(); app.MapGet("/", () => "Welcome. <a href='/login'>Sign in</a>"); app.MapGet("/login", () => Results.Challenge(new() { RedirectUri = "/dashboard" }, new[] { OpenIdConnectDefaults.AuthenticationScheme })); app.MapPost("/logout", async (HttpContext ctx) => { await ctx.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); await ctx.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme); return Results.Redirect("/"); });

.NET — first integration

1. What you'll build#

2. Application setup#

3. Install#

4. Configure#

5. Wire it up#

6. Read the user#

7. Call the Management API#

8. Common gotchas#

9. Next steps#