Skip to content

Adding Auth0.AuthenticationApi package dependency #148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Adding Auth0.AuthenticationApi package dependency #148

wants to merge 10 commits into from

Conversation

kailash-b
Copy link
Contributor

@kailash-b kailash-b commented May 20, 2025
edited by atlassian bot
Loading

Description

  • Adds Auth0.AuthenticationApi package as a direct dependency.
  • Developers can now use the features of Auth0.AuthenticationApi without adding/managing a separate reference.
  • Examples are updated to show how to register the dependency and use the AuthenticationApiClient.

Internal References

Testing

  • Tested the changes on the sample application as well.
  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not main

@kailash-b kailash-b requested a review from a team as a code owner May 20, 2025 11:15
nandan-bhat
nandan-bhat previously approved these changes May 21, 2025
View reviewed changes
andychiare
andychiare reviewed Jun 13, 2025
View reviewed changes
andychiare
andychiare reviewed Jun 13, 2025
View reviewed changes
Copy link
Contributor

@andychiare andychiare left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added some suggestions to improve the presentation of the new supported features.
In particular, a reference to the two new sections in the table of contents of the EXAMPLES.md file is missing

@kailash-b kailash-b enabled auto-merge (squash) July 15, 2025 09:02
@kailash-b kailash-b requested a review from frederikprijck July 16, 2025 05:23
frederikprijck
frederikprijck reviewed Jul 16, 2025
View reviewed changes
@kailash-b kailash-b requested a review from frederikprijck July 16, 2025 12:23
frederikprijck
frederikprijck reviewed Jul 17, 2025
View reviewed changes
EXAMPLES.md
There can be multiple scenarios where the conventional authentication flows might not suffice. There could be scenarios where we need to directly call Auth0's APIs for specific tasks, such as user management or advanced authentication scenarios.
In such cases, `Auth0.AuthenticationApi` provides a powerful way to interact with Auth0's Authentication API endpoints.

**Note :** For interactions with the Auth0 API's end-points we leverage the rich support and infrastructure provided by `Auth0.AuthenticationApi` (via `Auth0.AspNetCore.Authentication.AuthenticationApiClient`). There is no implementation in `Auth0.AspNetCore.Authentication` that directly talks to Auth0's API endpoints.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to call out that, when you use the AuthenticationApiClient that there is no relation to the session/cookie and authenticated state. Both exist next to eachother without any integration.

EXAMPLES.md
Comment on lines +484 to +486
options.Domain = Configuration["Auth0:Domain"];
options.ClientId = Configuration["Auth0:ClientId"];
options.ClientSecret = Configuration["Auth0:ClientSecret"];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't these be optional? The user has already provided these, so in case they are identical we should not provide them again.

Copy link
Member

@frederikprijck frederikprijck Jul 17, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Additionally, why is this not built on top of the builder we already have, like we have WithAccessToken?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is built similar to WithAccessToken(), just that the example is misleading. I will update it.
The configuration options are also not required, since it would have already been initialised.

EXAMPLES.md
{
var request = new RevokeRefreshTokenRequest
{
RefreshToken = refreshToken,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be useful, I think we should include how we can get the refresh token from the ASP.NET SDK.

EXAMPLES.md
};

await _auth0Client.StartPasswordlessEmailFlowAsync(request);
return Ok("Magic link sent to email.");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So the user can use this to login using passwordless. But how is the cookie going to be set? So how is the user actually going to be logged in into the app?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frederikprijck frederikprijck frederikprijck left review comments

@nandan-bhat nandan-bhat nandan-bhat left review comments

+1 more reviewer

@andychiare andychiare andychiare left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kailash-b @frederikprijck @andychiare @nandan-bhat