Auth0 asp net web api 2 pass claims and token from any mvc angular client


Auth0 is a popular and authorization platform that provides various for securing web applications. In this article, we will discuss how to pass claims and tokens from any MVC Angular to an ASP.NET Web API 2 using Auth0.

Setting up Auth0

Before we dive into the code, we need to set up Auth0 for our application. Follow these steps:

  1. Create an on the Auth0 website and create a new application.
  2. the application settings, such as the allowed callback URLs and allowed origins.
  3. Generate the client ID and client for your application.

Configuring the ASP.NET Web API 2

Now, let's configure our ASP.NET Web API 2 to work with Auth0. First, install the required packages:

Install-Package Microsoft.Owin.Security.Jwt
Install-Package Microsoft.Owin.Host.SystemWeb

Next, open the Startup.cs file and add the following code to the ConfigureAuth method:

public void ConfigureAuth(IAppBuilder app)
    var issuer = "https://YOUR_AUTH0_DOMAIN/";
    var audience = "YOUR_AUTH0_API_IDENTIFIER";

    app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
        AuthenticationMode = AuthenticationMode.Active,
        TokenValidationParameters = new TokenValidationParameters
            ValidIssuer = issuer,
            ValidAudience = audience,
            IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) =>
                var signingKey = ConfigurationManager.AppSettings["Auth0ClientSecret"];
                return new[] { new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey)) };

Make sure to replace YOUR_AUTH0_DOMAIN and YOUR_AUTH0_API_IDENTIFIER with your actual Auth0 and API identifier.

Passing Claims and Tokens

Now that we have configured our ASP.NET Web API 2, let's see how to pass claims and tokens from an MVC Angular client. First, make sure you have the Auth0 JavaScript SDK in your client application.

In your Angular controller, you can use the auth0.WebAuth object to authenticate the user and obtain an token:

var webAuth = new auth0.WebAuth({
  domain: 'YOUR_AUTH0_DOMAIN',
  redirectUri: 'http://localhost:3000/callback',
  responseType: 'token id_token',
  scope: 'openid profile'


After the user is authenticated, you can include the access token in the request headers when calling the ASP.NET Web API 2:

  method: 'GET',
  url: 'https://YOUR_API_ENDPOINT',
  headers: {
    'Authorization': 'Bearer ' + accessToken
}).then(function(response) {
  // Handle the API response

Make sure to replace YOUR_AUTH0_DOMAIN, YOUR_AUTH0_CLIENT_ID, and YOUR_API_ENDPOINT with the appropriate values.


In this article, we have discussed how to pass claims and tokens from any MVC Angular client to an ASP.NET Web API 2 using Auth0. By following the steps outlined above, you can secure your web application and ensure that only authenticated users can access your API endpoints.

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents