Skip to content

The Authress SDK for C# provides authorization as a service with fully compatible REST apis.

License

Notifications You must be signed in to change notification settings

Authress/authress-sdk.cs

Repository files navigation

Authress media banner

Authress SDK for C#

This is the Authress SDK for C#. Authress provides an authorization API for user identity, access control, and api key management as a drop in SaaS.

The Nuget package connects to the Authress API. You can use Authress to build authentication and authorization directly into your applications and services. Additionally, Authress can be used locally to develop faster without needing an Authress Account


Usage

You can either directly install the Authress SDK directly into your current application or checkout the Authress C# Starter Kit.

Installation:

  • run: dotnet add Authress.SDK (or install via visual tools)

Verify Authress JWT

The recommended solution is to use the C# built in OpenID provider by Microsoft. An example implementation is available in the Authress C# Starter Kit. However, in some cases you might need to parse the JWT directly and verify it for use in serverless functions.

using Authress.SDK;

// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings)

var verifiedUserIdentity = await authressClient.VerifyToken(jwtToken);
Console.WriteLine($"User ID: {verifiedUserIdentity.UserId}");

Authorize users using user identity token

using Authress.SDK;

namespace Microservice
{
    public class Controller
    {
        public static async void Route()
        {
            // automatically populate forward the users token
            // 1. instantiate all the necessary classes (example using ASP.NET or MVC, but any function works)
            //   If using the HttpContextAccessor, register it first inside the application root
            //   services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
            var tokenProvider = new DynamicTokenProvider(() =>
            {
                // Then get the access token from the incoming API request and return it
                var httpContextAccessor = ServiceProvider.GetRequiredService<IHttpContextAccessor>();
                var accessToken = await httpContextAccessor.HttpContext.GetTokenAsync("Bearer", "access_token");
                return accessToken;
            });
            // Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
            var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
            var authressClient = new AuthressClient(tokenProvider, authressSettings);

            // 2. At runtime attempt to Authorize the user for the resource
            await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");

            // API Route code
            // ...
        }
    }
}

Authorize using an explicitly set token each time

using Authress.SDK;

namespace Microservice
{
    public class Controller
    {
        public static async void Route()
        {
            // automatically populate forward the users token
            // 1. instantiate all the necessary classes
            var tokenProvider = new ManualTokenProvider();
            var authressSettings = new AuthressSettings { AuthressApiUrl = "https://DOMAIN.api.authress.io", };
            var authressClient = new AuthressClient(tokenProvider, authressSettings);

            // 2. At runtime attempt to Authorize the user for the resource
            tokenProvider.setToken(userJwt);
            await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");

            // API Route code
            // ...
        }
    }
}

Authorize users using client secret

using Authress.SDK;

namespace Microservice
{
    public class Controller
    {
        public static async void Route()
        {
            // accessKey is returned from service client creation in Authress UI
            // 1. instantiate all the necessary classes
            var accessKey = 'ACCESS_KEY';
            // Assuming it was encrypted in storage, decrypt it
            var decodedAccessKey = decrypt(accessKey);
            var tokenProvider = new AuthressClientTokenProvider(decodedAccessKey);
            // Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
            var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
            var authressClient = new AuthressClient(tokenProvider, authressSettings);

            // Attempt to Authorize the user for the resource
            // 2. At runtime the token provider will automatically pull the token forward
            await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");

            // API Route code
            // ...
        }
    }
}

Contribution guidelines for the Authress SDK

Contribution guidelines