ASP.NET Core OAuth SSO using miniOrange as OAuth Server
ASP.NET Core OAuth Single Sign-On (SSO) middleware gives the ability to enable OAuth Single Sign-On for your ASP.NET Core applications. Using Single Sign-On you can use only one password to access your ASP.NET Core application and services. Our module is compatible with all the OAuth compliant identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between ASP.NET Core and miniOrange as OAuth Provider.
Pre-requisites: Download And Installation
- Download the ASP.NET middleware OAuth 2.0
- Add the miniOrange-sso-configuration folder in your application root directory containing the configuration.json file.
- Add the miniorange-oauth-middleware.dll dependency in your application or just add it to your bin folder of your application.
- Configure the Startup.cs/Program.cs file:
- Add the namespace oauthssomiddleware:
- Add the following code snippet in the Startup.ConfigureServices method for using session services:
- Add the following code snippet lines in Startup.Configure method
- Run the application when the configuration is done.
using oauthssomiddleware
using Newtonsoft.Json;
builder.Services.AddSession();
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
app.UseCookiePolicy();
app.UseSession();
app.UseAuthentication();
app.UseminiOrangeOAuthSSOMiddleware();
Steps to configure ASP.NET Core Single Sign-On (SSO) using Auth0 as IDP
1. Configure Plugin Dashboard
- After integration, open your browser and browse the connector dashboard with the URL below:
- If the registration page or login page pops up, you have successfully added the miniOrange ASP.NET middleware authentication SAML SSO connector to your application.
- Register or log in with your account by clicking the Register/Login button to configure the middleware.
https://<your-application-base-url>/?ssoaction=config
2. Setup miniOrange as OAuth Server
- Sign in to miniOrange dashboard.
- To set the branding, go to Customization from the left menu and go to Login and Registration Branding tab.
- Under the Basic Settings change the Organization Name and click on Save.
- On the dashboard, go to Apps and click on Add Application.
- Click on the OAuth / OIDC tab and select OAuth2/OpenID Connect to create an application.
- For your created application, go to Select → Edit under the Action tab.
You have successfully configured miniOrange as OAuth Provider for achieving miniOrange login into your WordPress Site.
3. Configure OAuth Client
- Configure your OAuth/JWT Server. While configuring your OAuth/JWT server provide the Redirect/Callback URL to your OAuth/JWT Client.
- You will get the Client ID, Client Secret, Authorize Endpoint, Access Token Endpoint, and Get User Info Endpoint from your OAuth/JWT Server. You need to verify the supported scope with the OAuth/JWT Server.
- Please refer to the below table for configuring the scope & endpoints in the plugin.
- Once you have added this information in the miniOrange ASP.NET OAuth plugin, please click on SAVE and then on Test Configuration. If your Test-Configuration is successful! You will receive your WildApricot attribute as below:
| Scope: | openid email profile |
| Authorize Endpoint: | https://<miniOrange-domain>.xecurify.com/moas/idp/openidsso |
| Token Endpoint: | https://<miniOrange-domain>.xecurify.com/moas/rest/oauth/token |
| User Info Endpoint: | https://<miniOrange-domain>.xecurify.com/moas/rest/oauth/getuserinfo |
4. Attribute Mapping
- Map Attribute Names provided by your OAuth/JWT Server with your ASP.NET application Attributes given under Attribute Mapping Section and click on Save Attribute Mapping.
5. Integration Code
- Use the below Integration code to retrieve user information in your application after a successful SSO.
- User Claims (Forms Authentication Checked) [Recommended]:
string name="";
string claimtype="";
string claimvalue="";
if(User.Identity.IsAuthenticated) {
name= User.Identity.Name;
foreach( var claim in User.Claims) {
claimtype = claim.Type;
claimvalue = claim.Value;
}
}
6. Add the following link into your application for Single Sign-On (SSO)
- Use the following URL as a link in the application from where you want to perform SSO:
- For example, you can use it as:
https://base-url/?ssoaction=login
<a href=”https://base-url/?ssoaction=login”>Log in</a>
You have successfully configured ASP.NET OAuth Middleware using WildApricot as OAuth Server.
You can even configure the ASP.NET OAuth Single Sign-On (SSO) module with any identity provider such as ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate, PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or even with your own custom identity provider.
Additional Resources
- DNN SAML Single Sign-On (SSO)
- Umbraco SAML Single Sign-On (SSO)
- ASP.NET SAML Single Sign-On (SSO)
- Web3 login for ASP.NET Applications
- nopCommerce SAML Single Sign-On (SSO)
- DNN REST API Authentication
Need Help?
Not able to find your identity provider? Mail us on aspnetsupport@xecurify.com and we'll help you set up SSO with your IDP and for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
