External OAuth authentication providers
By Rick Anderson, Pranav Rastogi, and Valeriy Novytskyy
The following list includes common external OAuth authentication providers that work with ASP.NET Core apps. Third-party NuGet packages, such as the ones maintained by OpenIddict or aspnet-contrib, can be used to complement the authentication providers implemented by the ASP.NET Core team.
Reddit (Instructions)
Multiple authentication providers
When the app requires multiple providers, chain the provider extension methods behind AddAuthentication:
services.AddAuthentication()
.AddMicrosoftAccount(microsoftOptions => { ... })
.AddGoogle(googleOptions => { ... })
.AddTwitter(twitterOptions => { ... })
.AddFacebook(facebookOptions => { ... });
Forward request information with a proxy or load balancer
If the app is deployed behind a proxy server or load balancer, some of the original request information might be forwarded to the app in request headers. This information usually includes the secure request scheme (https
), host, and client IP address. Apps don't automatically read these request headers to discover and use the original request information.
The scheme is used in link generation that affects the authentication flow with external providers. Losing the secure scheme (https
) results in the app generating incorrect insecure redirect URLs.
Use Forwarded Headers Middleware to make the original request information available to the app for request processing.
For more information, see Configure ASP.NET Core to work with proxy servers and load balancers.
ASP.NET Core
Phản hồi
https://aka.ms/ContentUserFeedback.
Sắp ra mắt: Trong năm 2024, chúng tôi sẽ dần gỡ bỏ Sự cố với GitHub dưới dạng cơ chế phản hồi cho nội dung và thay thế bằng hệ thống phản hồi mới. Để biết thêm thông tin, hãy xem:Gửi và xem ý kiến phản hồi dành cho