C#/.NET SDK
Learn how to use Corbado in your C#/.NET (ASP.NET Core) application even without an official C#/.NET SDK.
Currently, there is no official SDK support for Corbado. This page explains how to use Corbado even without an official SDK.
If you need support or think we should increase the internal priority of the SDK please send us an email or send us a message in Slack.
You need to take care of the following steps:
OpenAPI client generation
To simplify the integration of Corbado into your application, you can autogenerate a client/SDK. Since the Corbado Backend API follows the API standard OpenAPI (version 3.0.3), this is quite easy:
- Download the official OpenAPI specification
- Take an OpenAPI generator, for example OpenAPI Generator
- Generate the client/SDK for and start using it in your application
Example commands for generating a TypeScript client:
See a list of all available generators and their specific options for different languages and frameworks at https://openapi-generator.tech/docs/generators.
Session handling
To verify if a user is logged in your application needs to verify the session-token (represented as JWT). Corbado utilizes the RS256 algorithm (see JWT security for more details) for its JWTs.
To obtain the public keys required for verifying the JWT signature, you need to retrieve the JWKS (JSON Web Key Set). The JWKS is located at the Frontend API URL:
https://<projectID>.frontendapi.cloud.corbado.io/.well-known/jwks
For example for project ID pro-771306541694234650
:
https://pro-771306541694234650.frontendapi.cloud.corbado.io/.well-known/jwks
Besides verifying the signature you need to check the following JWT claims:
Claim | Description | Check |
---|---|---|
exp | Expiration Time | Must be in future |
nbf | Not Before | Must be in past |
iss | Issuer | Must be Frontend API URL (or CNAME if set) |
JWT libraries
There are multiple JWT libraries available for C#/.NET. Here is one of them:
https://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/
Was this page helpful?