This is the Authress SDK for C#. Authress provides an authorization API for user identity, access control, and api key management as a drop in SaaS.
The Nuget package connects to the Authress API. You can use Authress to build authentication and authorization directly into your applications and services. Additionally, Authress can be used locally to develop faster without needing an Authress Account
You can either directly install the Authress SDK directly into your current application or checkout the Authress C# Starter Kit.
Installation:
- run:
dotnet add Authress.SDK(or install via visual tools)
The recommended solution is to use the C# built in OpenID provider by Microsoft. An example implementation is available in the Authress C# Starter Kit. However, in some cases you might need to parse the JWT directly and verify it for use in serverless functions.
using Authress.SDK;
// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings)
var verifiedUserIdentity = await authressClient.VerifyToken(jwtToken);
Console.WriteLine($"User ID: {verifiedUserIdentity.UserId}");using Authress.SDK;
namespace Microservice
{
public class Controller
{
public static async void Route()
{
// automatically populate forward the users token
// 1. instantiate all the necessary classes (example using ASP.NET or MVC, but any function works)
// If using the HttpContextAccessor, register it first inside the application root
// services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
var tokenProvider = new DynamicTokenProvider(() =>
{
// Then get the access token from the incoming API request and return it
var httpContextAccessor = ServiceProvider.GetRequiredService<IHttpContextAccessor>();
var accessToken = await httpContextAccessor.HttpContext.GetTokenAsync("Bearer", "access_token");
return accessToken;
});
// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings);
// 2. At runtime attempt to Authorize the user for the resource
await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");
// API Route code
// ...
}
}
}using Authress.SDK;
namespace Microservice
{
public class Controller
{
public static async void Route()
{
// automatically populate forward the users token
// 1. instantiate all the necessary classes
var tokenProvider = new ManualTokenProvider();
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://DOMAIN.api.authress.io", };
var authressClient = new AuthressClient(tokenProvider, authressSettings);
// 2. At runtime attempt to Authorize the user for the resource
tokenProvider.setToken(userJwt);
await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");
// API Route code
// ...
}
}
}using Authress.SDK;
namespace Microservice
{
public class Controller
{
public static async void Route()
{
// accessKey is returned from service client creation in Authress UI
// 1. instantiate all the necessary classes
var accessKey = 'ACCESS_KEY';
// Assuming it was encrypted in storage, decrypt it
var decodedAccessKey = decrypt(accessKey);
var tokenProvider = new AuthressClientTokenProvider(decodedAccessKey);
// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings);
// Attempt to Authorize the user for the resource
// 2. At runtime the token provider will automatically pull the token forward
await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");
// API Route code
// ...
}
}
}