MonoCloud.Backend
0.1.0-canary-20260630072153
dotnet add package MonoCloud.Backend --version 0.1.0-canary-20260630072153
NuGet\Install-Package MonoCloud.Backend -Version 0.1.0-canary-20260630072153
<PackageReference Include="MonoCloud.Backend" Version="0.1.0-canary-20260630072153" />
<PackageVersion Include="MonoCloud.Backend" Version="0.1.0-canary-20260630072153" />
<PackageReference Include="MonoCloud.Backend" />
paket add MonoCloud.Backend --version 0.1.0-canary-20260630072153
#r "nuget: MonoCloud.Backend, 0.1.0-canary-20260630072153"
#:package MonoCloud.Backend@0.1.0-canary-20260630072153
#addin nuget:?package=MonoCloud.Backend&version=0.1.0-canary-20260630072153&prerelease
#tool nuget:?package=MonoCloud.Backend&version=0.1.0-canary-20260630072153&prerelease
Introduction
MonoCloud Backend SDK for .NET – secure access token validation for ASP.NET Core APIs and resource servers.
MonoCloud is a modern, developer-friendly Identity & Access Management platform.
This SDK enables ASP.NET Core APIs to validate incoming access tokens issued by MonoCloud. It is implemented as a standard ASP.NET Core authentication handler, so it plugs directly into AddAuthentication(), [Authorize], and the authorization policy system.
The SDK handles:
- JWT access token validation with signature and claims verification
- Opaque token introspection (RFC 7662) with automatic JWT vs. opaque detection
- Scope and group-based authorization through the standard policy system
- Optional caching of validated token claims via
IMonoCloudClaimsCache - mTLS certificate-bound token validation (RFC 8705)
- Multiple client authentication methods for introspection:
client_secret_basic,client_secret_post,client_secret_jwt,private_key_jwt, andtls_client_auth
📘 Documentation
- Documentation: https://www.monocloud.com/docs
- API Reference: https://monocloud.github.io/backend-dotnet
Supported Platforms
This SDK supports applications targeting >= .NET 6.0
📦 Installation
dotnet add package MonoCloud.Backend
Usage
using System.Security.Claims;
using MonoCloud.Backend;
var builder = WebApplication.CreateBuilder(args);
builder.Services
.AddAuthentication(MonoCloudAuthenticationDefaults.AuthenticationScheme)
.AddMonoCloudAuthentication(options =>
{
options.TenantDomain = "https://<your-tenant-domain>";
options.Audience = "<your-api-identifier>";
// Required only for opaque (reference) token introspection:
// options.ClientId = "<your-client-id>";
// options.ClientAuth = new ClientSecretAuth("<your-client-secret>");
});
builder.Services.AddAuthorization();
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/api/protected", (ClaimsPrincipal user) => $"Hello {user.Identity?.Name}")
.RequireAuthorization();
app.Run();
Do not hardcode secrets. Load the tenant domain, client id, and client secret from environment variables, appsettings.json, or a secure secret store.
The handler detects the token format automatically — JWTs are validated locally against the tenant's signing keys, and opaque tokens are introspected.
For full usage (scope/group authorization, client authentication methods, claims caching, mTLS certificate binding, and events), see the documentation and the GitHub repository.
📄 License
Licensed under the MIT License.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 is compatible. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 10.0.9)
-
net6.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 6.0.36)
-
net7.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 7.0.20)
-
net8.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 8.0.28)
-
net9.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 9.0.17)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 0.1.0-canary-20260630072153 | 46 | 6/30/2026 |
| 0.1.0-canary-20260630070717 | 46 | 6/30/2026 |
| 0.1.0-canary-20260630064118 | 40 | 6/30/2026 |
| 0.0.0-canary-20260630060908 | 44 | 6/30/2026 |