How to implement identity authentication using Minimal APIs in ASP.NET Core

By FoxLearn 12/31/2024 2:31:50 AM   255
Minimal APIs offer a lightweight approach to building APIs with minimal dependencies, but authentication and authorization are still often necessary.

To implement identity-based authentication, follow these steps:

Create a Minimal API

Start by creating a minimal API using the basic Web API template in ASP.NET Core.

var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();
app.MapGet("/helloUser", () => "Hello, User!");
app.Run();

Install NuGet Packages

Install Microsoft.AspNetCore.Identity.EntityFrameworkCore, Microsoft.EntityFrameworkCore.SqlServer, and Microsoft.EntityFrameworkCore.Design.

Set Up EF Core and DbContext

Define a custom DbContext class that extends IdentityDbContext to manage users and roles.

public class CustomDbContext : IdentityDbContext<IdentityUser>
{
    public CustomDbContext(DbContextOptions<CustomDbContext> options) : base(options) { }
}

Enable Authentication and Authorization

Configure authentication using AddAuthentication() and enable authorization with AddAuthorization() to control access to endpoints.

builder.Services.AddAuthentication();
builder.Services.AddAuthorization();

Authentication is the process of verifying a user's identity. In ASP.NET Core Minimal APIs, authentication can be enabled using the AddAuthentication() method, which sets up the necessary services to validate user credentials and confirm their identity.

The AddAuthorization method is used to register authorization services in the application's service container. This enables the definition of rules that control access to various resources within the application, allowing you to specify which users or roles are permitted to access certain resources.

Configure Identity and API Endpoints

Add Identity services, such as login, registration, and authorization functionality, using AddIdentityApiEndpoints() in the Program.cs file. You can also secure endpoints like /helloworld by requiring authorization.

builder.Services.AddDbContext<CustomDbContext>();
builder.Services.AddIdentityApiEndpoints().AddEntityFrameworkStores<CustomDbContext>();
var app = builder.Build();
app.MapIdentityApi();
// Configure the HTTP request pipeline.
app.MapGet("/helloUser", () => "Hello, User!").RequireAuthorization();

By following these steps, you create a minimal API with identity-based authentication, ensuring that only authenticated users can access the API's resources.

Related

Categories

Popular Posts

Entity Framework Code First vs Database First vs Model First Approach
Entity Framework Code First vs Database First vs Model First Approach
 12/19/2024
How to Run a C# WinForms App with Administrator Rights
How to Run a C# WinForms App with Administrator Rights
 02/15/2025
Motiv MUI React Admin Dashboard Template
Motiv MUI React Admin Dashboard Template
 11/19/2024
AdminKit Bootstrap 5 HTML5 UI Kits Template
AdminKit Bootstrap 5 HTML5 UI Kits Template
 11/17/2024
K-WD Tailwind CSS Admin Dashboard Template
K-WD Tailwind CSS Admin Dashboard Template
 11/17/2024

Copyright © 2016 - 2025 FoxLearn. All Rights Reserved

Home | Donate | About | Contact | Privacy Policy