JN.Authentication 1.3.0

dotnet add package JN.Authentication --version 1.3.0
NuGet\Install-Package JN.Authentication -Version 1.3.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="JN.Authentication" Version="1.3.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add JN.Authentication --version 1.3.0
#r "nuget: JN.Authentication, 1.3.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install JN.Authentication as a Cake Addin
#addin nuget:?package=JN.Authentication&version=1.3.0

// Install JN.Authentication as a Cake Tool
#tool nuget:?package=JN.Authentication&version=1.3.0


Simple Authentication implementation for ASP.NET Core.

  • Basic Authentication Scheme
  • API Key Custom Authentication Scheme


Download the package from NuGet:

Install-Package JN.Authentication -Version [version number]


First, you must add one (or both) authentication scheme to the application pipeline:

public void ConfigureServices(IServiceCollection services)
    // Basic authentication 
      .AddBasic(options =>
          options.Realm = "api";
          options.LogInformation = true; //optional, default is false;
          options.HttpPostMethodOnly = false;
          options.HeaderEncoding = Encoding.UTF8; //optional, default is UTF8;
          options.ChallengeResponse = ValidationService.ChallengeResponse;

    // validation service
    services.AddSingleton<IBasicValidationService, BasicValidationService>();

    // ApiKey authentication
      .AddApiKey(options =>
          options.LogInformation = true;
          options.HttpPostMethodOnly = false;
          options.AcceptsQueryString = true;
          options.HeaderName = "ApiKey";
          options.ChallengeResponse = ValidationService.ChallengeResponse;

    // validation service
    services.AddSingleton<IApiKeyValidationService, ApiKeyValidationService>();


ChallengeResponse is a delegate called before a 401 response is sent to the client. It can be used to change the response (including content type). You can see an example here.

IBasicValidationService and IApiKeyValidationService should have an implementation where the access details are validated (for example by querying a database).

An implementation for ValidateUser of interface IBasicValidationService could be something like the following:

public async Task<ValidationResult> ValidateUser(string username, string password, string resourceName)
    var user = await GetFromDB(username, password, resourceName);

    if (user != null)
        var claims = new[]
            new Claim(ClaimTypes.GivenName, user.FullName),
            new Claim(ClaimTypes.Name, username),
            new Claim(ClaimTypes.Email, user.Email),
            new Claim("IsAdmin", user.IsAdmin),
            new Claim(ClaimTypes.Role, user.Roles)

        var res = new ValidationResult
            Success = true,
            Claims = claims

        return res;

    return new ValidationResult
        Success = false,
        ErrorDescription = "Invalid User",
        ErrorCode = -1

On your controllers add the Authorize atribute and choose the Authentication Scheme ("Basic" or "ApiKey")

[Authorize(AuthenticationSchemes = "Basic", Policy = "IsAdminPolicy")]

public class BasicAuthSchemeTestController : ControllerBase
   // Your code here


Both authentication schemes allows to:

  • LogInformation: log information using a logging provider
  • HttpPostMethodOnly: allows only POST requests

Basic allows to specify a Realm and HeaderEncoding.

ApiKey authentication allows to change the HeaderName (default is "ApiKey") and can also accept the key in the query string (AcceptsQueryString)

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 is compatible.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.3.0 1,022 8/17/2020
1.2.0 1,276 3/11/2020
1.0.1 1,322 3/24/2019
1.0.0 1,173 3/24/2019

     Changes v1.3.0:

     - added ContentType property to ChallengeResult object returned by delegate ChallengeResponse. This is useful to change response content type to "application/problem+json" if the content is a ProblemDetails object.
     - added information about the HTTP request to ChallengeResponse delegate (RequestDetails object)
     - updated dependencies