ASP.Net Web API + Keycloak: A love story

Configuring ASP.Net to use Keycloak for authentication

Frode Hus

Read more posts by this author.

Frode Hus

15 Jul 2022 • 1 min read

I love the fact that you can run Keycloak locally and have a easy developer experience where you can have full access to your identity provider and go crazy!

With Azure Active Directory and all its equals you usually have to create your own instance in the cloud and costs will incur.

However, most of the documentation and samples I find are geared towards Java frameworks which is not very helpful to me.

ASP.Net has built-in support for JWT bearer authentication aaaand...

Because Keycloak implements the OAuth2 standard - no issue 😂!
We just have to configure the middleware a bit different.

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, o =>
            {
                o.MetadataAddress = "https://<your-keycloak-server>/realms/<your-realm>/.well-known/openid-configuration";
                o.Authority = "https://<your-keycloak-server>/realms/<your-realm>";
                o.Audience = "account";
            });

The important bit is MetadataAddress - this is where the middleware will retrieve all the configuration needed to validate access tokens.

Summary

This was short and hopefully sweet - it's easy to use any OAuth2 provider with ASP.Net Web APIs; you just have to point it in the right direction.

And to be honest, this is mostly as a reminder to myself how to set this up since I am so used to other providers.

ASP.Net Web API + Keycloak: A love story

Frode Hus

Frode Hus

Summary

Integration testing JWT authenticated APIs

Using MSAL in a React SPA with Keycloak

Setting up Keycloak with MS SQL Server 2019 container

Container security

Using MSAL in a React SPA with Keycloak

Summary

Subscribe to Frode Hus

Subscribe to Frode Hus