{"id":19645776,"url":"https://github.com/approov/quickstart-asp.net-token-check","last_synced_at":"2026-01-18T19:01:38.165Z","repository":{"id":46216990,"uuid":"116956539","full_name":"approov/quickstart-asp.net-token-check","owner":"approov","description":"Approov token check in ASP.NET Core 2.0","archived":false,"fork":false,"pushed_at":"2025-11-23T14:19:59.000Z","size":526,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-11-23T16:14:02.084Z","etag":null,"topics":["api","apis","approov","approov-demo","approov-token","asp","backend-service","dotnet","jwt","jwt-auth","jwt-authentication","jwt-token","jwt-tokens","jwt-validation","token"],"latest_commit_sha":null,"homepage":"https://blog.approov.io/tag/integration","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/approov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2018-01-10T12:45:04.000Z","updated_at":"2025-11-23T14:19:49.000Z","dependencies_parsed_at":"2024-07-30T17:27:30.063Z","dependency_job_id":null,"html_url":"https://github.com/approov/quickstart-asp.net-token-check","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/approov/quickstart-asp.net-token-check","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-asp.net-token-check","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-asp.net-token-check/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-asp.net-token-check/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-asp.net-token-check/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/approov","download_url":"https://codeload.github.com/approov/quickstart-asp.net-token-check/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-asp.net-token-check/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28548944,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-18T14:59:57.589Z","status":"ssl_error","status_checked_at":"2026-01-18T14:59:46.540Z","response_time":98,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","apis","approov","approov-demo","approov-token","asp","backend-service","dotnet","jwt","jwt-auth","jwt-authentication","jwt-token","jwt-tokens","jwt-validation","token"],"created_at":"2024-11-11T14:35:11.915Z","updated_at":"2026-01-18T19:01:38.159Z","avatar_url":"https://github.com/approov.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Approov QuickStart - ASP.NET Token Check\n\n[Approov](https://approov.io) validates that requests reaching your backend originate from trusted builds of your mobile apps. This quickstart demonstrates how to enforce Approov tokens in ASP.NET 8, optionally add [token binding](https://approov.io/docs/latest/approov-usage-documentation/#token-binding), and verify [HTTP message signatures](https://approov.io/docs/latest/approov-usage-documentation/#message-signing) produced by the Approov SDK.\n\nThe sample backend that accompanies this guide lives at `servers/hello/src/approov-protected-server/token-check`. It exposes minimal endpoints that illustrate each protection layer:\n- `/token` returns `Good Token` after validating the Approov token.\n- `/token_binding` echoes `Good Token Binding` when the configured headers hash to the `pay` claim.\n- `/ipk_message_sign_test` and `/ipk_test` generate deterministic signatures and validate installation public keys for local testing.\n\nAn unprotected reference backend lives at `servers/hello/src/unprotected-server` so you can compare behaviour with and without Approov.\n\n\n## Prerequisites\n\n- [.NET 8 SDK](https://dotnet.microsoft.com/download) for building/running the samples.\n- [Approov CLI](https://approov.io/docs/latest/approov-installation/#approov-tool) with an account that can manage API domains and secrets.\n- An API domain registered with Approov: `approov api -add your.api.domain.com`.\n- The account secret exported in base64 form. Enable the admin role (`eval \\`approov role admin\\`` on Unix shells or `set APPROOV_ROLE=admin:\u003capproov-account\u003e` in PowerShell) and run `approov secret -get base64`.\n\nWhen using symmetric signing (HS256) you must keep the secret confidential. Approov also supports asymmetric keys; see [Managing Key Sets](https://approov.io/docs/latest/approov-usage-documentation/#managing-key-sets) for guidance.\n\n\n## Getting Started\n\n1. Copy the environment template and add your secret:\n   ```bash\n   cp servers/hello/src/approov-protected-server/token-check/.env.example \\\n      servers/hello/src/approov-protected-server/token-check/.env\n   ```\n   Edit `.env` and set `APPROOV_BASE64_SECRET` to the value returned by `approov secret -get base64`. The optional variables in that file enable token binding and message signature policy enforcement.\n\n2. Run the sample APIs with the local .NET SDK:\n   ```bash\n   ./scripts/run-local.sh all\n   ```\n   The script launches the unprotected server on `8001` and the Approov-protected server on `8111`. Press `Ctrl+C` to stop both. Launch a single backend with `./scripts/run-local.sh token-check`.\n\n3. Exercise the protections using the helper scripts:\n   ```bash\n   ./test-scripts/request_tests_approov_msg.sh 8111\n   ./test-scripts/request_tests_sfv.sh 8111\n   ```\n   These scripts cover token validation, token binding, canonical message reconstruction, and signature verification.\n\n\n## Implementing Approov in Your Project\n\nFollow the detailed quickstarts to bring the same protections into your own API:\n\n- [Token validation quickstart](docs/APPROOV_TOKEN_QUICKSTART.md) - integrate the middleware that enforces Approov tokens.\n- [Token binding quickstart](docs/APPROOV_TOKEN_BINDING_QUICKSTART.md) - bind Approov tokens to request headers such as `Authorization`.\n- [Message signing quickstart](docs/APPROOV_MESSAGE_SIGNING_QUICKSTART.md) - verify HTTP message signatures using the installation public key included in the Approov token.\n\nEach guide includes package requirements, configuration snippets, and testing instructions that match the code in this repository.\n\n\n## Testing and Examples\n\n- [TESTING.md](TESTING.md) summarises manual and automated test options, including how to use the published dummy secret for local verification.\n- [EXAMPLES.md](EXAMPLES.md) explains the sample server layout and optional Docker workflow.\n- Run unit tests for the helper components with `dotnet test tests/Hello.Tests/Hello.Tests.csproj`.\n\n\n## Additional Resources\n\n- [Approov Overview](OVERVIEW.md)\n- [Approov Quickstarts](QUICKSTARTS.md)\n- [Approov Integration Examples](EXAMPLES.md)\n\nKeep the backend clock synchronised with an authoritative time source (for example via NTP). Accurate clocks are essential when checking JWT expiry times and HTTP message signature lifetimes.\n\n\n## Issues\n\nReport problems or request enhancements via [GitHub issues](https://github.com/approov/quickstart-asp.net-token-check/issues). Include reproduction steps so we can assist quickly.\n\n\n## Useful Links\n\n- [Approov Free Trial](https://approov.io/signup) (no credit card needed)\n- [Approov Product Tour](https://approov.io/product/demo)\n- [Approov QuickStarts](https://approov.io/docs/latest/approov-integration-examples/)\n- [Approov Docs](https://approov.io/docs)\n- [Approov Blog](https://approov.io/blog/)\n- [Approov Resources](https://approov.io/resource/)\n- [Approov Customer Stories](https://approov.io/customer)\n- [Approov Support](https://approov.io/contact)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapproov%2Fquickstart-asp.net-token-check","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapproov%2Fquickstart-asp.net-token-check","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapproov%2Fquickstart-asp.net-token-check/lists"}