Tutorial: Integrate TideCloak in a Csharp ASP.NET Core Application
A step‑by‑step build of a Razor Pages app secured by TideCloak.
1) Prerequisites
- TideCloak server with a realm and client
- .NET SDK and an editor (VS/VS Code)
2) Create project
dotnet new webapp -o MyKeycloakApp
cd MyKeycloakApp
Install packages:
dotnet add package Microsoft.AspNetCore.Authentication.OpenIdConnect
dotnet add package Microsoft.AspNetCore.Authentication.Cookies
dotnet add package Microsoft.IdentityModel.Protocols.OpenIdConnect
3) Configure Program.cs
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using System.Security.Claims;
var builder = WebApplication.CreateBuilder(args);
builder.WebHost.UseUrls("http://localhost:8000");
builder.Services.AddRazorPages();
builder.Services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.Authority = "http://localhost:8080/realms/realm";
options.ClientId = "myclient";
options.ResponseType = OpenIdConnectResponseType.Code;
options.SaveTokens = true;
options.RequireHttpsMetadata = false; // dev only
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.GetClaimsFromUserInfoEndpoint = true;
options.ClaimActions.MapJsonKey(ClaimTypes.Name, "preferred_username");
options.ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
options.ClaimActions.MapJsonKey("sub", "sub");
});
var app = builder.Build();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapRazorPages();
app.Run();
4) Login/Logout pages
Pages/Login.cshtml.cs
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.AspNetCore.Mvc;
namespace YourNamespace.Pages
{
public class LoginModel : PageModel
{
public IActionResult OnGet() =>
Challenge(new AuthenticationProperties { RedirectUri = "/" },
OpenIdConnectDefaults.AuthenticationScheme);
}
}
Pages/Logout.cshtml.cs
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.AspNetCore.Mvc;
namespace YourNamespace.Pages
{
public class LogoutModel : PageModel
{
public IActionResult OnGet() =>
SignOut(new AuthenticationProperties { RedirectUri = "/" },
CookieAuthenticationDefaults.AuthenticationScheme,
OpenIdConnectDefaults.AuthenticationScheme);
}
}
Optional .cshtml files can simply show "redirecting..." or link to these routes.
5) User details page
Pages/UserDetails.cshtml
@page
@model UserDetailsModel
<h2>User Details</h2>
@if (User.Identity.IsAuthenticated)
{
<p><strong>Name:</strong> @User.Identity.Name</p>
<p><strong>Email:</strong> @User.FindFirst("email")?.Value</p>
<p><strong>Subject (sub):</strong> @User.FindFirst("sub")?.Value</p>
}
else { <p>You are not logged in.</p> }
Pages/UserDetails.cshtml.cs
using Microsoft.AspNetCore.Mvc.RazorPages;
public class UserDetailsModel : PageModel { public void OnGet() {} }
6) Home page buttons
Pages/Index.cshtml
@page
@model IndexModel
<div class="text-center">
<h1 class="display-4">Welcome</h1>
<p>Welcome to TideCloak ASP.NET Core app.</p>
@if (User.Identity.IsAuthenticated)
{
<a asp-page="/UserDetails" class="btn btn-primary">View User Details</a>
<a class="btn btn-primary" asp-page="/Logout">Logout</a>
}
else
{
<a class="btn btn-primary" asp-page="/Login">Login</a>
}
</div>
7) Run
dotnet run
Open http://localhost:8000, hit Login, authenticate on TideCloak, then view User Details.