{"id":22148168,"url":"https://github.com/auth0-developer-hub/api_aspnet-core_csharp_hello-world___legacy","last_synced_at":"2026-03-01T22:35:46.515Z","repository":{"id":128855840,"uuid":"366429530","full_name":"auth0-developer-hub/api_aspnet-core_csharp_hello-world___legacy","owner":"auth0-developer-hub","description":"ASP.NET API server sample (C#), secured with Auth0.","archived":false,"fork":false,"pushed_at":"2023-01-24T22:06:13.000Z","size":22,"stargazers_count":0,"open_issues_count":2,"forks_count":4,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-26T07:36:36.874Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/auth0-developer-hub.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-11T15:24:35.000Z","updated_at":"2023-02-04T00:38:48.000Z","dependencies_parsed_at":null,"dependency_job_id":"95e573f8-6f01-4d46-b2c4-db29e1471e30","html_url":"https://github.com/auth0-developer-hub/api_aspnet-core_csharp_hello-world___legacy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/auth0-developer-hub/api_aspnet-core_csharp_hello-world___legacy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/auth0-developer-hub","download_url":"https://codeload.github.com/auth0-developer-hub/api_aspnet-core_csharp_hello-world___legacy/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29987078,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T21:06:37.093Z","status":"ssl_error","status_checked_at":"2026-03-01T21:05:45.052Z","response_time":124,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-01T23:26:15.009Z","updated_at":"2026-03-01T22:35:46.509Z","avatar_url":"https://github.com/auth0-developer-hub.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Hello World API: .NET + C# Sample\n\nThis repository contains a .NET project that defines an ASP.NET API. You'll secure this API with Auth0 to practice making secure API calls from a client application.\n\n## Quick Auth0 Set Up\n\n### Set up the project\n\nOpen the `appsettings.json` file in the `HelloworldApplication` folder. Its content should look like the following:\n\n```json\n{\n  \"Logging\": {\n    \"LogLevel\": {\n      \"Default\": \"Information\",\n      \"Microsoft\": \"Warning\",\n      \"Microsoft.Hosting.Lifetime\": \"Information\"\n    }\n  },\n  \"AllowedHosts\": \"*\",\n  \"Auth0\": {\n    \"Domain\": \"{DOMAIN}\",\n    \"Audience\": \"{API_IDENTIFIER}\"\n  }\n}\n```\n\n### Register an ASP.NET Web API with Auth0\n\n- Open the [APIs](https://manage.auth0.com/#/apis) section of the Auth0 Dashboard.\n\n- Click on the **Create API** button.\n\n- Provide a **Name** value such as _Hello World API Server_.\n\n- Set its **Identifier** to `https://api.example.com` or any other value of your liking.\n\n- Leave the signing algorithm as `RS256` as it's the best option from a security standpoint.\n\n- Click on the **Create** button.\n\n\u003e View [\"Register APIs\" document](https://auth0.com/docs/get-started/set-up-apis) for more details.\n\n### Connect the ASP.NET Web API with Auth0\n\nHead back to your Auth0 API page, and follow these steps to get the Auth0 Audience:\n\n![Get the Auth0 Audience to configure an API](https://images.ctfassets.net/23aumh6u8s0i/1CaZWZK062axeF2cpr884K/cbf29676284e12f8e234545de05dac58/get-the-auth0-audience)\n\n- Click on the **\"Settings\"** tab.\n\n- Locate the **\"Identifier\"** field and copy its value.\n\n- Paste the \"Identifier\" value as the value of `Audience` in `appsettings.json`.\n\nNow, **follow these steps to get the Auth0 Domain value**:\n\n![Get the Auth0 Domain to configure an API](https://images.ctfassets.net/23aumh6u8s0i/37J4EUXKJWZxHIyxAQ8SYI/d968d967b5e954fc400163638ac2625f/get-the-auth0-domain)\n\n- Click on the **\"Test\"** tab.\n\n- Locate the section called **\"Asking Auth0 for tokens from my application\"**.\n\n- Click on the **cURL** tab to show a mock `POST` request.\n\n- Copy your Auth0 domain, which is part of the `--url` parameter value: `tenant-name.region.auth0.com`.\n\n- Paste the Auth0 domain value as the value of `Domain` in `appsettings.json`.\n\n**Tips to get the Auth0 Domain**\n\n- The Auth0 Domain is the substring between the protocol, `https://` and the path `/oauth/token`.\n\n- The Auth0 Domain follows this pattern: `tenant-name.region.auth0.com`.\n\n- The `region` subdomain (`au`, `us`, or `eu`) is optional. Some Auth0 Domains don't have it.\n\n### Run the project\n\nWith the `appsettings.json` configuration values set, run the API server by issuing the following command:\n\n```bash\ndotnet run --project ./HelloworldApplication\n```\n\n## Test the Protected Endpoints\n\nYou can get an access token from the Auth0 Dashboard to test making a secure call to your protected API endpoints.\n\nHead back to your Auth0 API page and click on the **\"Test\"** tab.\n\nLocate the section called **\"Sending the token to the API\"**.\n\nClick on the cURL tab of the code box.\n\nCopy the sample cURL command:\n\n```bash\ncurl --request GET \\\n  --url http://path_to_your_api/ \\\n  --header 'authorization: Bearer really-long-string-which-is-test-your-access-token'\n```\n\nReplace the value of `http://path_to_your_api/` with your protected API endpoint path (you can find all the available API endpoints in the next section) and execute the command. You should receive back a successful response from the server.\n\nYou can try out any of our full stack demos to see the client-server Auth0 workflow in action using your preferred front-end and back-end technologies.\n\n## Test the Admin Endpoint\n\nThe `/admin` endpoint requires the access token to contain the `read:admin-messages` permission. The best way to simulate that client-server secured request is to use any of the Hello World client demo apps to log in as a user that has that permission.\n\nYou can use the Auth0 Dashboard to create an `admin` role and assign it the`read:admin-messages` permission. Then, you can assign the `admin` role to any user that you want to access the `/admin` endpoint.\n\n## API Endpoints\n\n### 🔓 Get public message\n\n```bash\nGET /api/messages/public\n```\n\n#### Response\n\n```bash\nStatus: 200 OK\n```\n\n```json\n{\n  \"message\": \"The API doesn't require an access token to share this message.\"\n}\n```\n\n\u003e 🔐 Protected Endpoints: These endpoints require the request to include an access token issued by Auth0 in the authorization header.\n\n\n### 🔐 Get protected message\n\n```bash\nGET /api/messages/protected\n```\n\n#### Response\n\n```bash\nStatus: 200 OK\n```\n\n```json\n{\n  \"message\": \"The API successfully validated your access token.\"\n}\n```\n\n### 🔐 Get admin message\n\n\u003e Requires the user to have the `read:admin-messages` permission.\n\n```bash\nGET /api/messages/admin\n```\n\n#### Response\n\n```bash\nStatus: 200 OK\n```\n\n```json\n{\n  \"message\": \"The API successfully recognized you as an admin.\"\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fauth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauth0-developer-hub%2Fapi_aspnet-core_csharp_hello-world___legacy/lists"}