Tutorial: Integrate TideCloak in a Csharp ASP.NET Core Application
A step‑by‑step build of a Razor Pages app secured by TideCloak.
1) Prerequisites
- TideCloak server with a realm and client
- .NET SDK and an editor (VS/VS Code)
2) Create project
dotnet new webapp -o MyKeycloakAppcd MyKeycloakApp
Install packages:
dotnet add package Microsoft.AspNetCore.Authentication.OpenIdConnectdotnet add package Microsoft.AspNetCore.Authentication.Cookiesdotnet add package Microsoft.IdentityModel.Protocols.OpenIdConnect
3) Configure Program.cs
using Microsoft.AspNetCore.Authentication;using Microsoft.AspNetCore.Authentication.Cookies;using Microsoft.AspNetCore.Authentication.OpenIdConnect;using Microsoft.IdentityModel.Protocols.OpenIdConnect;using System.Security.Claims;var builder = WebApplication.CreateBuilder(args);builder.WebHost.UseUrls("http://localhost:8000");builder.Services.AddRazorPages();builder.Services.AddAuthentication(options => {options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme).AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options => {options.Authority = "http://localhost:8080/realms/realm";options.ClientId = "myclient";options.ResponseType = OpenIdConnectResponseType.Code;options.SaveTokens = true;options.RequireHttpsMetadata = false; // dev onlyoptions.Scope.Add("openid");options.Scope.Add("profile");options.Scope.Add("email");options.GetClaimsFromUserInfoEndpoint = true;options.ClaimActions.MapJsonKey(ClaimTypes.Name, "preferred_username");options.ClaimActions.MapJsonKey(ClaimTypes.Email, "email");options.ClaimActions.MapJsonKey("sub", "sub");});var app = builder.Build();app.UseHttpsRedirection();app.UseStaticFiles();app.UseRouting();app.UseAuthentication();app.UseAuthorization();app.MapRazorPages();app.Run();
4) Login/Logout pages
using Microsoft.AspNetCore.Authentication;using Microsoft.AspNetCore.Authentication.OpenIdConnect;using Microsoft.AspNetCore.Mvc.RazorPages;using Microsoft.AspNetCore.Mvc;namespace YourNamespace.Pages {public class LoginModel : PageModel {public IActionResult OnGet() =>Challenge(new AuthenticationProperties { RedirectUri = "/" },OpenIdConnectDefaults.AuthenticationScheme);}}
using Microsoft.AspNetCore.Authentication;using Microsoft.AspNetCore.Authentication.Cookies;using Microsoft.AspNetCore.Authentication.OpenIdConnect;using Microsoft.AspNetCore.Mvc.RazorPages;using Microsoft.AspNetCore.Mvc;namespace YourNamespace.Pages {public class LogoutModel : PageModel {public IActionResult OnGet() =>SignOut(new AuthenticationProperties { RedirectUri = "/" },CookieAuthenticationDefaults.AuthenticationScheme,OpenIdConnectDefaults.AuthenticationScheme);}}
Optional .cshtml files can simply show "redirecting..." or link to these routes.
5) User details page
@page@model UserDetailsModel<h2>User Details</h2>@if (User.Identity.IsAuthenticated){<p><strong>Name:</strong> @User.Identity.Name</p><p><strong>Email:</strong> @User.FindFirst("email")?.Value</p><p><strong>Subject (sub):</strong> @User.FindFirst("sub")?.Value</p>}else { <p>You are not logged in.</p> }
using Microsoft.AspNetCore.Mvc.RazorPages;public class UserDetailsModel : PageModel { public void OnGet() {} }
6) Home page buttons
@page@model IndexModel<div class="text-center"><h1 class="display-4">Welcome</h1><p>Welcome to TideCloak ASP.NET Core app.</p>@if (User.Identity.IsAuthenticated){<a asp-page="/UserDetails" class="btn btn-primary">View User Details</a><a class="btn btn-primary" asp-page="/Logout">Logout</a>}else{<a class="btn btn-primary" asp-page="/Login">Login</a>}</div>
7) Run
dotnet run
Open http://localhost:8000, hit Login, authenticate on TideCloak, then view User Details.