Swashbuckle.aspnetcore: Can I use Swashbuckle together with Auth0?

Created on 14 Sep 2016 · 9 Comments · Source: domaindrivendev/Swashbuckle.AspNetCore

We are using Auth0 to secure our API.

I've enabled Swashbuckle, but now, because the controller functions have the Authorize attribute, I need some way of authenticating to Auth0 from Swashbuckle.

Any guidance would be much appreciated.

All 9 comments

I do not have a complete answer, but perhaps some pointers that could be helpful.

It is possible to add security definitions to the generated Swagger documentation using

services.AddSwaggerGen(options => 
{      
  ...
  options.AddSecurityDefinition(...);
  ...
});

To generate the correct security definition for Auth0 you can try to google something like "Auth0 swagger". I didn't find anything that looked super promising, but as I have never used Auth0 I don't really know what to look for.

After generating the correct security definition there is potentially an issue with using it from Swagger UI. If there is, you can search for ways to configure Swagger-UI. Here's an instruction on how to get configuration of Swagger-UI working on ASP.NET Core.

I hope some of the above can be helpful. To summarize, there should not be anything in Swashbuckle preventing you from doing this; any limitations will probably be in Swagger and/or Swagger-UI.

Thank you. I have managed to get my swagger ui to redirect me to auth0 to log in. It all goes ok up till the point where I execute one of my methods. Then I get an invalid token error.

I would also love to see this. Auth0 uses JWT tokens, so you need to put "Bearer jwt_token" in the Authorization header. Getting that JWT token for a user is not hard, and Auth0 provides many examples for a lot of different single page apps, but no info on modifying Swagger. A more generic thing that would resolve this, for me at least, would be to be able to pass the token in to Swagger, as I have access to it in my Angular2 app and server side but can't work out how to get it to the Swagger UI client and make the Swagger UI client require you to log in first, to guarantee that I would have the token.

The Auth0 popup login screen would be ideal, but I understand why that may be hard.

@ThinkAboutGitHub, @seertenedos - I'm not overly familiar with auth0 either but from what I can tell it supports OAuth2. Have you looked at the sample Website that configures Swashbuckle to describe the OAuth2 scheme for the API and enables it in the swagger-ui?

https://github.com/domaindrivendev/Swashbuckle.AspNetCore/blob/master/test/WebSites/OAuth2Integration/Startup.cs

If you configure the Swagger security description according to your setup, it will automatically power a fully integrated login process in the UI that ultimately results in the "Authorization Bearer jwt_token" being sent with any subsequent API requests made via the "Try it out" button.

Maybe you've looked at this already but if not you should.

Closing due to inactivity. Also worth noting, the docs have been updated to include a section specifically for OAuth2 integration: https://github.com/domaindrivendev/Swashbuckle.AspNetCore#add-security-definitions-and-requirements

The documentation works for OAuth2 but not for Auth0. Do you know how to do this?

I also had issues with invalid token but managed to solve it by adding audience as a query parameter to the authorization url.

https://[mytenant].eu.auth0.com/authorize?audience=https://myapi

@domaindrivendev I use all the specified configs, but the token appears in the address bar and also the "try out" button gets me 401. Did I miss something?

I also had issues with invalid token but managed to solve it by adding audience as a query parameter to the authorization url.

https://[mytenant].eu.auth0.com/authorize?audience=https://myapi

@Karlssonsimon This worked great for the Auth URL. Any ideas for the Token URL? The querystring param doesn't work.
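
An added example (not code from this thread or from the Swashbuckle project) that puts the pieces discussed in the comments together: an OAuth2 security definition whose authorization URL carries the audience query parameter, a matching security requirement so the UI sends the bearer token, and the Swagger UI client id. It assumes Swashbuckle.AspNetCore 5.x or later (the Microsoft.OpenApi types) and the implicit flow; the tenant domain, audience, client id, scope, endpoint path and the class and method names are placeholders.

```csharp
// Added example, not from the thread. Assumes Swashbuckle.AspNetCore 5.x+; all values are placeholders.
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.OpenApi.Models;
public static class SwaggerAuth0Setup
{
    private const string Domain = "https://YOUR_TENANT.eu.auth0.com"; // placeholder tenant
    private const string Audience = "https://myapi";                  // placeholder API identifier
    private const string ClientId = "YOUR_SWAGGER_UI_CLIENT_ID";      // placeholder client id
    public static void AddAuth0Swagger(this IServiceCollection services)
    {
        services.AddSwaggerGen(options =>
        {
            options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
            {
                Type = SecuritySchemeType.OAuth2,
                Flows = new OpenApiOAuthFlows
                {
                    Implicit = new OpenApiOAuthFlow
                    {
                        // The audience travels in the authorize URL's query string.
                        AuthorizationUrl = new Uri(
                            $"{Domain}/authorize?audience={Uri.EscapeDataString(Audience)}"),
                        Scopes = new Dictionary<string, string> { { "openid", "Sign in" } }
                    }
                }
            });
            // Attach the scheme to operations so "Try it out" sends the Authorization header.
            options.AddSecurityRequirement(new OpenApiSecurityRequirement
            {
                {
                    new OpenApiSecurityScheme { Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" } },
                    new List<string> { "openid" }
                }
            });
        });
    }
    public static void UseAuth0SwaggerUi(this IApplicationBuilder app)
    {
        app.UseSwagger();
        app.UseSwaggerUI(c =>
        {
            c.SwaggerEndpoint("/swagger/v1/swagger.json", "API v1"); // assumed document path
            c.OAuthClientId(ClientId);
        });
    }
}
```

The API must validate the same audience value that the authorization URL requests, and the Swagger UI redirect URL has to be registered as an allowed callback for the client in Auth0.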
