Keycloak.Net.Authentication
1.0.3
See the version list below for details.
dotnet add package Keycloak.Net.Authentication --version 1.0.3
NuGet\Install-Package Keycloak.Net.Authentication -Version 1.0.3
<PackageReference Include="Keycloak.Net.Authentication" Version="1.0.3" />
paket add Keycloak.Net.Authentication --version 1.0.3
#r "nuget: Keycloak.Net.Authentication, 1.0.3"
// Install Keycloak.Net.Authentication as a Cake Addin
#addin nuget:?package=Keycloak.Net.Authentication&version=1.0.3
// Install Keycloak.Net.Authentication as a Cake Tool
#tool nuget:?package=Keycloak.Net.Authentication&version=1.0.3
Keycloak .Net Authentication
Authentication with Keycloak in .NET and ASP.NET Core. Secure your api with Keycloak JWT bearer authentication
Add the Keycloak.Net.Authentification nuget package to your project.
Api calls requires auhorization header with an JWT token from Keycloak.
POST https://yourapi/action HTTP/1.1
Auhorization: Bearer JwtTokenContent
How to use
Add to program.cs of your api
Option no.1 (easiest way)
builder.Services
.AddKeyCloakAuthentication()
.AddKeyCloakJwtBearerOptions("appsettings_section_name");
.....
app.UseAuthentication();
app.UseAuthorization();
Add section to the appsettings.{Environment}.json
- Authority is required. If not set will throw exception during app startup.
- Set the audience as "Audience", "ValidAudience" or "ValidAudiences". If not set will throw exception during app startup.
{
"KeycloakUrl": "<<FROM_USER_SECRET>>",
"RealmName": "<<FROM_USER_SECRET>>",
"appsettings_section_name": {
"Authority": "{KeycloakUrl}{RealmName}",
"Audience": "<<Audience>>"
}
// or
"appsettings_section_name": {
"Authority": "{KeycloakUrl}{RealmName}",
"ValidAudience": "<<Audience>>"
}
//or
"appsettings_section_name": {
"Authority": "{KeycloakUrl}{RealmName}",
"ValidAudiences": ["<<Audience>>"]
}
}
Option no.2
- Variation of first option. Additional configuration of JwtBearerOptions available.
- If set will override the value of same property defined in appsettings.{Environment}.json
builder.Services
.AddKeyCloakAuthentication()
.AddKeyCloakJwtBearerOptions("appsettings_section_name", options =>
{
options.Audience = "<<Audience>>";
options.SaveToken = true;
options.TokenValidationParameters.ClockSkew = TimeSpan.FromSeconds(30);
});
Option no.3
- If you want to get auth options from other source, not from appsettings.{Environment}.json, you can pass Action<JwtBearerValidationOptions> instead.
- Authority is required. If not set will throw exception during app startup.
- Set the audience as "Audience", "ValidAudience" or "ValidAudiences".If not set will throw exception during app startup.
builder.Services
.AddKeyCloakAuthentication()
.AddKeyCloakJwtBearerOptions(options =>
{
options.KeycloakAuthority = "https://{host}/realms/{realm}";
options.KeycloakAudience = "<<Audience>>";
})
Option no.4
- You have to manually configure the JwtBearerOtions.
builder.Services
.AddKeyCloakAuthentication()
.AddJwtBearerOptions(options =>
{
options.Authority = "https://{host}/realms/{realm}";
options.Audience = "<<Audience>>";
......
options.TokenValidationParameters = new TokenValidationParameters( options =>
{
options.ClockSkew = TimeSpan.FromSeconds(30);
.......
});
});
JWT transformation
- Under the hood the Keyclaok JWT is mapped and transformed to Identity JWT
- The Keycloak Realm and Client "roles" claims are mapped and transformed to ClaimType.Role
- By default the Keycloak "preferred_username" claim is transformed to ClaimType.Name. You can change it by just adding the following:
{
"KeycloakUrl": "<<FROM_USER_SECRET>>",
"RealmName": "<<FROM_USER_SECRET>>",
"appsettings_section_name": {
"Authority": "{KeycloakUrl}{RealmName}",
"Audience": "<<Audience>>",
"NameClaim: "<<NameOfClaimWhichShouldBeSetToNameClaim>>"
}
}
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net8.0
NuGet packages (1)
Showing the top 1 NuGet packages that depend on Keycloak.Net.Authentication:
Package | Downloads |
---|---|
Keycloak.Net.Authorization
Authorization with Keycloak in .NET and ASP.NET Core |
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
2.0.0 | 117 | 2/20/2024 |
1.0.3 | 110 | 1/27/2024 |
1.0.2 | 91 | 1/24/2024 |
1.0.2-rc0.2 | 48 | 1/23/2024 |
1.0.2-rc0.1 | 42 | 1/23/2024 |
1.0.1 | 105 | 1/15/2024 |
1.0.0-rc01 | 71 | 1/14/2024 |
1.0.0-rc | 73 | 1/12/2024 |
Update the Microsoft.AspNetCore.Authentication.JwtBearer to version 8.0.1