Create the app in Twitter
- Navigate to https://apps.twitter.com/ and sign in. If you don’t already have a Twitter account, use the Sign up now link to create one. After signing in, the Application Management page is shown:
- Tap Create New App and fill out the application Name, Description and public Website URI (this can be temporary until you register the domain name):
Enter your development URI with /signin-twitter appended into the Valid OAuth Redirect URIs field (for example:
https://localhost:44320/signin-twitter). The Twitter authentication scheme configured later in this tutorial will automatically handle requests at /signin-twitter route to implement the OAuth flow.
Fill out the rest of the form and tap Create your Twitter application. New application details are displayed:
- When deploying the site you’ll need to revisit the Application Management page and register a new public URI.
Storing Twitter ConsumerKey and ConsumerSecret
Link sensitive settings like Twitter
Consumer Key and
Consumer Secret to your application configuration using the Secret Manager. For the purposes of this tutorial, name the tokens
These tokens can be found on the Keys and Access Tokens tab after creating your new Twitter application:
Configure Twitter Authentication
The project template used in this tutorial ensures that Microsoft.AspNetCore.Authentication.Twitter package is already installed.
To install this package with Visual Studio 2017, right-click on the project and select Manage NuGet Packages.
To install with .NET Core CLI, execute the following in your project directory:
dotnet add package Microsoft.AspNetCore.Authentication.Twitter
Add the Twitter service in the
ConfigureServices method in Startup.cs file:
services.AddIdentity<ApplicationUser, IdentityRole>() .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultTokenProviders(); services.AddAuthentication().AddTwitter(twitterOptions => twitterOptions.ConsumerKey = Configuration["Authentication:Twitter:ConsumerKey"]; twitterOptions.ConsumerSecret = Configuration["Authentication:Twitter:ConsumerSecret"]; );
Note: The call to
AddIdentity configures the default scheme settings. The
AddAuthentication(string defaultScheme) overload sets the
DefaultScheme property; and, the
AddAuthentication(Action<AuthenticationOptions> configureOptions) overload sets only the properties you explicitly set. Either of these overloads should only be called once when adding multiple authentication providers. Subsequent calls to it have the potential of overriding any previously configured AuthenticationOptions properties.
See the TwitterOptions API reference for more information on configuration options supported by Twitter authentication. This can be used to request different information about the user.
Sign in with Twitter
Run your application and click Log in. An option to sign in with Twitter appears:
Clicking on Twitter redirects to Twitter for authentication:
After entering your Twitter credentials, you are redirected back to the web site where you can set your email.
You are now logged in using your Twitter credentials:
- ASP.NET Core 2.x only: If Identity isn’t configured by calling
ConfigureServices, attempting to authenticate will result in ArgumentException: The ‘SignInScheme’ option must be provided. The project template used in this tutorial ensures that this is done.
- If the site database has not been created by applying the initial migration, you will get A database operation failed while processing the request error. Tap Apply Migrations to create the database and refresh to continue past the error.
This article showed how you can authenticate with Twitter. You can follow a similar approach to authenticate with other providers listed on the previous page.
Once you publish your web site to Azure web app, you should reset the
ConsumerSecretin the Twitter developer portal.
Authentication:Twitter:ConsumerSecretas application settings in the Azure portal. The configuration system is set up to read keys from environment variables.