Implementing Basic and JWT Token authentication with C# .NET

- January 11, 2019

Authentication is probably the first thing you will encounter when building a secure Enterprise application and understanding how you can authenticate your application with different authentication protocols including third party authentication flows is really important. Whether you are building an app with ASP.NET, ASP.NET Core, WPF, UWP, Xamarin.Forms Xamarin Android, Xamarin iOS or .NET Core, all these frameworks provides
client side networking libraries managed under System.NET namespace. Among all the classes HttpClient has significant important. It can handle both HTTP and HTTPS connections. The beauty of this class is that it provides both hight level api and low level modification options to work with HTTP connections and you can make any modification within the pipeline like handling HTTP message request/response, filtering, certificates, authorization and much more.

In a nutshell, over HTTP most of the times you will work with two kinds of authentication:
1) Basic (username/password based)
2) Token (access token and/or refresh token based)

Both of these authentication categories require that http request contains Authorization header. The format of the Authorization header in HTTP request is:

Authorzation: {schema} {parameter}

where schema is type of authentication being used and parameter is the value of the credentials/token.

Basic Authentication

Basic authentication requires an http request to have an Authorization header key with value of Basic and base64 encoded string containing username and password separated by colon(:). Below here take a look at HTTP Request that has a Basic authentication header:

Fiddler Http Request composition

In case of Basic authentication, the value for schema is "Basic" and parameter is base64 representation of username and password separated by collon (":") like administrator:password

Note: In modern browsers and utilities you can also pass credential in url and they will automatically convert it into authorization header where the credentials are base64 encoded string. The format is:

https://{username}:{password}@{hostname/}

Take a look at the url of the http request:

Fiddler Http Request with credentials in URL

Now look at the response about the request sent by fiddler, fiddler automatically converted url into Basic Authorization header when sending http request.

Http request header and JSON response from Windows IoT Server

Token Based Authentication

Token based authentication are widely used in OAuth, OpenId and access key based authentication. They also require that http request header contain Authorization key with value Bearer {Token} where Token is the value secret key of api token.

Lets see an example of usage of Token based authentication:

Token based Bearer authentication

Http reponse against bearer authentication

Basic authentication in C#

Lets see how to implement Basic authentication in C#. Initialize HttpClient class with default constructor. Get a byte array by passing string parameter containing username and password separated by colon (:) to static method GetBytes defined in Encoding class and overridden by ASCII class. Get an instance of AuthenticationHeaderValue class by calling its two parameter constructor passing in Basic as first parameter and credentials byte array as second parameter then assign the instance to Authorization property of DefaultRequest property under HttpClient instance (or simply htpClient.DefaultRequestHeaders.Authorization). Finally, call GetAsync instance method of httpClient object to get HttpResponseMessage. You can see authentication success result under HttpRespnseMessage response object's StatusCode enum received from GetAsync() method.

If you have an https website and using self-signed signed certificate checkout code here on how to ignore self-signed certificated exceptions.

Token Authentication in C#

Lets see how to implement Bearer authentication in C#. As discussed earlier, Bearer Authentication is token based where you will receive an access token from either OAuth2.0 or OpenId endpoint or some Auth providers might directly provide you an API Secret Key which is a token.. Once you have the JWT token, your simply need to pass it on the Authorization header with Bearer scheme (no need to convert token to base64 encoded string).

In C#, initialize HttpClient class with default constructor. Get an instance of AuthenticationHeaderValue class by calling its two parameter constructor passing in Bearer as first parameter and token as second parameter then assign the instance to Authorization property of DefaultRequest property under HttpClient instance (or simply htpClient.DefaultRequestHeaders.Authorization). Finally, call GetAsync instance method of httpClient object to get HttpResponseMessage. You can see authentication success result under HttpRespnseMessage response object's StatusCode enum received from GetAsync() method.

If you have an https website and using self-signed signed certificate checkout code here on how to ignore self-signed certificated exceptions.

Just a last note, if you have an https website and get certificate related exception when running the code above you then register a certificate validator callback to return true.

ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;

Comments

velraj1 April 2019 at 21:54
This is an important article. I read like this type of article only. You mentioned more important points about technology. Thankyou.
core java training in chennai
Best core java Training in Chennai
core java Training in OMR
C Training in Chennai
javascript training in chennai
Appium Training in Chennai
JMeter Training in Chennai
core java training in chennai
ReplyDelete
Replies
Laura Bush19 September 2019 at 16:39
sdsfghjkl;
ReplyDelete
Replies
jeya sofia2 May 2020 at 00:36

You are providing a post that is very useful for developing my knowledge and I learn more info from your blog.
Dot Net Training in Velachery
German Classes in T Nagar
Spoken English Classes in Velachery
Tally Course in chennai
SEO Training in T Nagar
Graphic design courses in porur
Python Training in Tambaram
Android Training in Anna Nagar
Hadoop Training in T Nagar
RPA Training in OMR
ReplyDelete
Replies
Rajesh26 May 2020 at 21:54
Thanks for this blog, I'am very much delighted to say that this blog has helped me a lot in gain some extra knowledge.
Selenium Training in chennai | Selenium Training in anna nagar | Selenium Training in omr | Selenium Training in porur | Selenium Training in tambaram | Selenium Training in velachery

ReplyDelete
Replies
ARWA3 February 2022 at 22:02
THANK YOU
ReplyDelete
Replies
Links For You13 September 2022 at 22:12
FL Studio Crack is the latest powerful music production tool. ... Firstly, download the FL Studio Crack from the below setup button. FL Studio Crack Version
ReplyDelete
Replies
Hi Every One10 October 2022 at 23:07
I just wanted to let you know that you are on my mind every single day of the year, especially today on Christmas. I hope you have the biggest smile today Christmas Wishes For Loved Ones
ReplyDelete
Replies
Faik22 August 2023 at 22:49
Portekiz yurtdışı kargo
Romanya yurtdışı kargo
Slovakya yurtdışı kargo
Slovenya yurtdışı kargo
İngiltere yurtdışı kargo
6JEZO
ReplyDelete
Replies
Tevhid24 August 2023 at 05:48
Angila yurtdışı kargo
Andora yurtdışı kargo
Arnavutluk yurtdışı kargo
Arjantin yurtdışı kargo
Antigua ve Barbuda yurtdışı kargo

LF4
ReplyDelete
Replies
WarpByteChaser90003 October 2023 at 13:25
elazığ
gümüşhane
kilis
siirt
sakarya
0HB
ReplyDelete
Replies
Erhan678765 October 2023 at 19:25
sakarya
elazığ
sinop
siirt
van
MEUV
ReplyDelete
Replies
TimeSorcerer18 October 2023 at 06:20
ankara parça eşya taşıma
takipçi satın al
antalya rent a car
antalya rent a car
ankara parça eşya taşıma
W724
ReplyDelete
Replies
StellarGuardianA57224 October 2023 at 12:18
maraş evden eve nakliyat
maraş evden eve nakliyat
izmir evden eve nakliyat
konya evden eve nakliyat
erzurum evden eve nakliyat
CGH7
ReplyDelete
Replies
MagicGöçmen1831 October 2023 at 10:38
ığdır evden eve nakliyat
bitlis evden eve nakliyat
batman evden eve nakliyat
rize evden eve nakliyat
niğde evden eve nakliyat
ZHO35B
ReplyDelete
Replies
MaviGözler262 November 2023 at 10:06
urfa evden eve nakliyat
malatya evden eve nakliyat
burdur evden eve nakliyat
kırıkkale evden eve nakliyat
kars evden eve nakliyat
JOPİ
ReplyDelete
Replies
E789DDarren0C0386 November 2023 at 14:19
BCB05
Çanakkale Parça Eşya Taşıma
Osmaniye Lojistik
Ordu Lojistik
Amasya Lojistik
Muğla Evden Eve Nakliyat
ReplyDelete
Replies
3DF13Annabel24B417 November 2023 at 23:42
3E248
Çerkezköy Boya Ustası
Çanakkale Evden Eve Nakliyat
Adana Evden Eve Nakliyat
Çerkezköy Cam Balkon
Sinop Evden Eve Nakliyat
ReplyDelete
Replies
D352CAlan614319 November 2023 at 12:53
BD958
Yozgat Evden Eve Nakliyat
Balıkesir Evden Eve Nakliyat
Manisa Evden Eve Nakliyat
Elazığ Parça Eşya Taşıma
İzmir Şehir İçi Nakliyat
Bartın Şehir İçi Nakliyat
Urfa Evden Eve Nakliyat
Kırşehir Şehirler Arası Nakliyat
Kırıkkale Şehir İçi Nakliyat
ReplyDelete
Replies
90866Riya48CFE10 November 2023 at 07:06
5F43B
Balıkesir Parça Eşya Taşıma
Edirne Şehir İçi Nakliyat
Çanakkale Parça Eşya Taşıma
Çanakkale Evden Eve Nakliyat
Aksaray Şehirler Arası Nakliyat
Mercatox Güvenilir mi
Ordu Lojistik
Yozgat Şehir İçi Nakliyat
Maraş Parça Eşya Taşıma
ReplyDelete
Replies
22127GeorgeF011D10 November 2023 at 20:02
6934C
Muğla Parça Eşya Taşıma
Siirt Lojistik
Çanakkale Evden Eve Nakliyat
Kars Evden Eve Nakliyat
Afyon Parça Eşya Taşıma
Kocaeli Şehirler Arası Nakliyat
Çerkezköy Korkuluk
Keçiören Boya Ustası
Amasya Parça Eşya Taşıma
ReplyDelete
Replies
A436BArmaniD904D11 November 2023 at 19:23
F2FE6
Hatay Şehirler Arası Nakliyat
Balıkesir Şehir İçi Nakliyat
Jns Coin Hangi Borsada
Afyon Şehir İçi Nakliyat
Kırıkkale Evden Eve Nakliyat
Ardahan Lojistik
Tunceli Şehir İçi Nakliyat
Mersin Evden Eve Nakliyat
Bayburt Lojistik
ReplyDelete
Replies
3235EBrandonC9E4B13 November 2023 at 08:37
09E8E
Elazığ Parça Eşya Taşıma
Erzurum Şehirler Arası Nakliyat
Ünye Fayans Ustası
Silivri Cam Balkon
Probit Güvenilir mi
Mardin Şehirler Arası Nakliyat
Sinop Şehir İçi Nakliyat
Altındağ Fayans Ustası
Keçiören Parke Ustası
ReplyDelete
Replies
3D750MarshallCBC7B14 November 2023 at 05:39
A16E2
Karaman Lojistik
Aksaray Lojistik
Kırklareli Parça Eşya Taşıma
Big Wolf Coin Hangi Borsada
Mamak Fayans Ustası
Edirne Evden Eve Nakliyat
Arbitrum Coin Hangi Borsada
Tokat Şehir İçi Nakliyat
Bayburt Lojistik
ReplyDelete
Replies
0E37DRonaldBC99516 November 2023 at 17:19
D44C2
Karapürçek Boya Ustası
Bingöl Şehir İçi Nakliyat
Ankara Boya Ustası
Kars Lojistik
Çerkezköy Oto Lastik
Düzce Şehir İçi Nakliyat
Bitmart Güvenilir mi
Çanakkale Evden Eve Nakliyat
Ünye Evden Eve Nakliyat
ReplyDelete
Replies
A617FChesterEA88018 November 2023 at 00:23
CCE4D
Kırıkkale Evden Eve Nakliyat
Çankırı Şehir İçi Nakliyat
Bolu Şehirler Arası Nakliyat
Samsun Şehirler Arası Nakliyat
Balıkesir Parça Eşya Taşıma
Şırnak Evden Eve Nakliyat
Amasya Lojistik
Bolu Lojistik
Gümüşhane Parça Eşya Taşıma
ReplyDelete
Replies
ADAB5Amber5A83722 November 2023 at 08:31
66730
Kilis Evden Eve Nakliyat
Tekirdağ Parke Ustası
Aksaray Şehir İçi Nakliyat
Adana Lojistik
Sivas Lojistik
Antalya Evden Eve Nakliyat
Gümüşhane Parça Eşya Taşıma
Aksaray Evden Eve Nakliyat
Etlik Boya Ustası
ReplyDelete
Replies
81BDEMarleighA7A0B29 November 2023 at 08:16
A4969
binance referans
ReplyDelete
Replies
7EE2DNolaA850629 November 2023 at 09:09
0EB9F
binance indirim kodu %20
ReplyDelete
Replies
B4EC7Dariana982924 December 2023 at 02:34
2E4CB
binance referans kodu %20
ReplyDelete
Replies
F5623Bryleigh9CAA015 December 2023 at 11:58
1D424
resimli magnet
binance referans kodu
resimli magnet
binance referans kodu
referans kimliği nedir
resimli magnet
binance referans kodu
referans kimliği nedir
binance referans kodu
ReplyDelete
Replies
E0D77Jerome5D1234 January 2024 at 20:33
C18E3
tekirdağ canlı sohbet odası
görüntülü sohbet uygulamaları ücretsiz
burdur tamamen ücretsiz sohbet siteleri
giresun görüntülü sohbet siteleri ücretsiz
rastgele görüntülü sohbet uygulaması
adana canlı sohbet bedava
izmir ücretsiz görüntülü sohbet
batman yabancı canlı sohbet
rastgele sohbet
ReplyDelete
Replies
4A123ShaniyaE63F35 January 2024 at 19:12
8B425
Kripto Para Çıkarma Siteleri
Tiktok İzlenme Hilesi
Facebook Takipçi Hilesi
Kripto Para Üretme Siteleri
Mefa Coin Hangi Borsada
Binance Nasıl Oynanır
Bitcoin Hesap Açma
Coin Madenciliği Nasıl Yapılır
Coin Madenciliği Siteleri
ReplyDelete
Replies
842F1Carol92D7117 January 2024 at 17:25
F0904
Gate io Borsası Güvenilir mi
Mefa Coin Hangi Borsada
Soundcloud Takipçi Hilesi
Pinterest Takipçi Satın Al
Coin Nasıl Çıkarılır
Bitcoin Nasıl Alınır
Ceek Coin Hangi Borsada
Likee App Beğeni Satın Al
Parasız Görüntülü Sohbet
ReplyDelete
Replies
7E6DBLauraEE3C64 February 2024 at 06:34
00EF4
ellipal
safepal
shiba
phantom
raydium
dcent
zkswap
ledger wallet
layerzero
ReplyDelete
Replies
Takipci________20 February 2024 at 10:26
E28D0
canlı sohbet uygulamaları
poloniex
bitget
papaya
bitcoin seans saatleri
probit
telegram kripto
binance ne demek
kucoin
ReplyDelete
Replies
_Takipci____20 February 2024 at 12:01
AA471
kucoin
bitcoin seans saatleri
https://kapinagelsin.com.tr/
coin nasıl alınır
huobi
bibox
en düşük komisyonlu kripto borsası
kripto para kanalları telegram
binance
ReplyDelete
Replies
31C24Cameron0F47B11 May 2024 at 00:46
AB453
Bitcoin Forum
Skl Coin Yorum
Grt Coin Yorum
Rose Coin Yorum
Bitcoin Yorum
Rad Coin Yorum
BTC Yorum
Bal Coin Yorum
Ren Coin Yorum
ReplyDelete
Replies

Add comment

Search This Blog

Imran Aftab Rana Blogs