Site Home
Changelog
LoginTry for Free
Start typing to search…
Back to All
Improved

SDK Auto-Configuration for ASP.NET

about 2 months ago by Jim Verducci

📣 ASP.NET Auth SDK 3.0.0 Release 🎉

There were several enhancements to the ASP.NET Auth SDK with this release. Please refer to the GitHub README for updated documentation and details.

Below is a summary of all changes:

Breaking Changes

  • The deprecated AddWristbandAuth() method that accepted IConfiguration and configSectionName parameters has been removed in version 3.x. You must now use the direct configuration approach. Refer to the v3 Migration Guide for more details.

Backwards-Compatible Changes

  • The all new SDK auto-configuration functionality is now available for the ASP.NET Auth SDK. It supports both lazy and eager auto-configuration. Auto-configuration is enabled by default and will fetch missing configuration values from the Wristband SDK Configuration Endpoint when any auth method is first called. Manual configuration values take precedence over auto-configured values. Set AutoConfigureEnabled to false in the WristbandAuthConfig to disable.
  • The new async Discover() method in WristbandAuthService can be used to eager-load SDK configurations from the Wristband SDK Configuration Endpoint on server startup.
  • The LoginStateSecret config is no longer required. If not provided, it will default to using the client secret. For enhanced security, it is recommended to provide a value that is unique from the client secret. You can run openssl rand -base64 32 to create a secret from your CLI.
  • The LoginConfig class for the Login() method now supports a ReturnUrl field. If a value is provided, then it takes precedence over the existing return_url request query parameter. This new login config provides the same functionality as the existing query parameter approach.
  • The LogoutConfig class for the Logout() method now supports a state field. This is an optional value that allows you to preserve application state through the logout flow when redirecting to the Wristband Logout Endpoint. If provided, it will be appended as a query parameter to the resolved logout URL. Maximum length of 512 characters. This is useful for tracking logout context, displaying post-logout messages, or handling different logout scenarios.

ASP.NET Demo App

  • The ASP.NET demo app has been updated to use the latest version of the SDK in order to show SDK auto-configuration in action.