jsConnectAspNetCoreMvc 7.0.0
dotnet add package jsConnectAspNetCoreMvc --version 7.0.0
NuGet\Install-Package jsConnectAspNetCoreMvc -Version 7.0.0
<PackageReference Include="jsConnectAspNetCoreMvc" Version="7.0.0" />
<PackageVersion Include="jsConnectAspNetCoreMvc" Version="7.0.0" />
<PackageReference Include="jsConnectAspNetCoreMvc" />
paket add jsConnectAspNetCoreMvc --version 7.0.0
#r "nuget: jsConnectAspNetCoreMvc, 7.0.0"
#:package jsConnectAspNetCoreMvc@7.0.0
#addin nuget:?package=jsConnectAspNetCoreMvc&version=7.0.0
#tool nuget:?package=jsConnectAspNetCoreMvc&version=7.0.0
Vanilla Forums jsConnect for ASP.NET Core
Vanilla Forums' jsConnect v3 for ASP.NET Core. Implements the modern JWT-based SSO flow that works under third-party cookie blocking.
What's in the package
The single NuGet jsConnectAspNetCoreMvc ships three assemblies:
| Assembly | Use it for |
|---|---|
jsConnect.Core |
Framework-agnostic v3 primitives (JsConnectV3, options, exceptions). No ASP.NET dependency. |
jsConnect.AspNetCore |
AddJsConnect() + MapJsConnect() extension methods, claims-based user resolver. |
jsConnect.Vanilla |
Optional helper for talking to the Vanilla REST API (username lookup, sanitization). |
Quick start
1. Install the package:
dotnet add package jsConnectAspNetCoreMvc
2. Register and map the endpoint:
using jsConnect.AspNetCore;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddJsConnect(opts =>
{
opts.ClientId = builder.Configuration["Vanilla:ClientId"]!;
opts.Secret = builder.Configuration["Vanilla:Secret"]!;
});
// Or bind from configuration directly:
// builder.Services.AddJsConnect(builder.Configuration.GetSection("Vanilla"));
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapJsConnect("/jsconnect"); // pick any route you like
app.Run();
3. Configure your secret (≥ 32 bytes for HS256 — the default):
{
"Vanilla": {
"ClientId": "your-client-id",
"Secret": "your-shared-secret-32-bytes-or-more",
"Algorithm": "HS256",
"ResponseLifetime": "00:10:00"
}
}
4. Make sure HttpContext.User carries the claims the default resolver expects:
| Claim | Maps to JWT field |
|---|---|
ClaimTypes.NameIdentifier |
id (required) |
ClaimTypes.Name |
name (required) |
ClaimTypes.Email |
email (required) |
AvatarUrl (string) |
photo (optional) |
ClaimTypes.Role (any count) |
roles (optional) |
5. In Vanilla's dashboard, set the Authentication URL to https://yourapp/jsconnect.
Customizing user resolution
If your user info doesn't live in claims, implement IJsConnectUserResolver:
public class MyUserResolver : IJsConnectUserResolver
{
public Task<JsConnectUser?> ResolveAsync(HttpContext context, CancellationToken ct)
{
return Task.FromResult<JsConnectUser?>(new JsConnectUser
{
UniqueId = "...",
Name = "...",
Email = "...",
PhotoUrl = "...",
Roles = new[] { "admin" },
CustomFields = new Dictionary<string, object?> { ["department"] = "eng" },
});
}
}
builder.Services.AddSingleton<IJsConnectUserResolver, MyUserResolver>();
Return null to emit a guest response.
Adjusting the default claims mapping
builder.Services.Configure<ClaimsJsConnectUserResolverOptions>(opts =>
{
opts.UniqueIdClaimType = "sub";
opts.NameClaimType = "preferred_username";
opts.PhotoUrlClaimType = "picture";
});
Using the protocol primitives directly
JsConnectV3 is framework-agnostic. Use it from a controller, a worker, or anywhere else:
var jsc = new JsConnectV3(new JsConnectOptions
{
ClientId = "...",
Secret = "...",
});
string redirectUrl = await jsc.GenerateResponseLocationAsync(requestJwt, user);
Opt-in: Vanilla REST API client
The jsConnect.Vanilla namespace provides a small client for the legacy /api/v1/users endpoint, plus UsernameSanitizer for stripping whitespace and accents. These are not part of the jsConnect protocol — Vanilla v3 reconciles users via the id field — but you may want them if you're populating new usernames yourself.
builder.Services.AddHttpClient<VanillaApiClient>(c =>
c.BaseAddress = new Uri("https://forums.example.com/"));
// ...
var unique = await client.GetUniqueUsernameAsync(
UsernameSanitizer.Sanitize("Petr Švihlík")); // -> "PetrSvihlik" or "PetrSvihlik1"
Migrating from 1.x (v2 protocol)
This is a major release. The v2 JSONP+SHA flow has been removed entirely:
| Before (v2) | After (v3) |
|---|---|
Reference jsConnect controller, AddApplicationPart, register HashAlgorithm |
services.AddJsConnect(...); app.MapJsConnect("/jsconnect"); |
Hardcoded /jsconnect/authenticate route |
Any route you pick |
| User claims read inside the controller | IJsConnectUserResolver (claims-based by default) |
JsConnectResponseModel, VanillaApiClient in core path |
Just JsConnectUser + opt-in jsConnect.Vanilla helper |
| Newtonsoft.Json | System.Text.Json + Microsoft.IdentityModel.JsonWebTokens |
In Vanilla's dashboard you must also re-issue your jsConnect client as v3 and update the endpoint URL.
Target framework
.NET 10 (LTS).
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Microsoft.IdentityModel.JsonWebTokens (>= 8.18.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 7.0.0 | 107 | 5/12/2026 |
| 6.0.0 | 248 | 2/24/2024 |
| 5.0.0 | 489 | 11/27/2022 |
| 4.0.1 | 611 | 6/23/2022 |
| 4.0.0 | 578 | 3/5/2021 |
| 3.1.0 | 677 | 8/6/2020 |
| 3.0.0 | 752 | 10/24/2019 |
| 2.0.7 | 3,244 | 3/17/2017 |
| 2.0.5 | 1,361 | 3/15/2017 |
| 2.0.4 | 1,320 | 3/15/2017 |
| 1.0.18 | 1,409 | 2/3/2017 |
| 1.0.6 | 1,449 | 1/25/2017 |
| 1.0.5 | 1,405 | 1/25/2017 |
| 1.0.4 | 1,352 | 1/25/2017 |
| 1.0.3 | 1,336 | 1/25/2017 |
| 1.0.1 | 1,394 | 12/8/2016 |
| 1.0.0 | 1,385 | 12/8/2016 |