.NET authentication, the async way
AuthStack.Client is the typed NuGet package for
AuthStack — OAuth 2.0, JWT refresh, SSO providers, passkey ceremony,
and per-org email branding from C# / F# / VB. Targets
net8.0 and net10.0. Works in ASP.NET Core,
Blazor, MAUI, Worker Services, and console apps.
# 1. Add the package
dotnet add package AuthStack.Client
// 2. Register at startup
builder.Services.AddSingleton(new AuthStackClient(new AuthStackConfig
{
BaseUrl = "https://api.authstack.voostack.com",
}));
// 3. Sign in (email + password)
var result = await client.LoginAsync("user@example.com", "••••••••");
if (result.IsSuccess)
{
var jwt = result.Tokens!.AccessToken;
// … attach to your HttpClient / use as a cookie
}
// 4. Or use the hosted-auth code grant
var portal = await client.GetProviderAuthUrlAsync(
OAuthProvider.GitHub,
redirectUri: "https://yourapp.com/callback");
// → redirect the browser to portal.AuthorizationUrl Why .NET teams pick AuthStack over IdentityServer or Auth0
No IdentityServer to run
IdentityServer's free tier disappeared in 2022. Duende's commercial license starts at $1,500/yr just to keep what was free. AuthStack is hosted — free 1k MAU, then pennies.
Typed, AOT-friendly
System.Text.Json source-gen ready. Records and primary constructors throughout. Zero reflection-heavy serializers. Plays nicely with trimming and native AOT.
Cancellation everywhere
Every async method takes a CancellationToken. Plays well with the ASP.NET Core request pipeline and Worker Service shutdown.
OAuth + WebAuthn together
Passkey (FIDO2) registration and assertion are first-class — same SDK, same model. Auth0's WebAuthn is gated to their B2C tier; here it's in the free tier.
Machine-to-machine API keys
Mint scoped API keys for backend integrations without burning an OAuth seat. Constant-time hash verification, revocable, usage-tracked.
Custom claims + per-org JWT signing
RSA-signed tokens with a JWKS endpoint. Add custom claims at token mint. Validate the tokens with any standard ASP.NET Core JwtBearer middleware.
Get started with the .NET SDK
The integration guide covers OAuth code-grant, JWT validation, refresh-token rotation, passkey ceremony, and how to wire the AuthStack JWT into the standard JwtBearer authentication handler.