Guides
LoginTry for Free

Add Auth Routes

Add the required authentication endpoints to your C# server.

Suggest Edits

Authentication routes manage communication between your frontend and backend, connecting to your Wristband OAuth2 client to handle authentication flows.

Once your SDK is installed and configured, we can add the three core auth endpoints in C#.


Login Route

Your Login route path must match the login URL you configured in the Wristband Dashboard when you created your Wristband Application in previous steps. This should also match the LoginUrl value of your SDK configuration (e.g. AuthRoutes.cs).

// AuthRoutes.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Wristband.AspNet.Auth;

public static class AuthRoutes
{
    public static WebApplication MapAuthEndpoints(this WebApplication app)
    {
        // Login Endpoint - Route path can be whatever you prefer
        app.MapGet("/auth/login", async (HttpContext httpContext, IWristbandAuthService wristbandAuth) =>
        {
            try {
                // Call the Wristband Login() method and redirect to the resulting URL.
                var wristbandAuthorizeUrl = await wristbandAuth.Login(httpContext, null);
                return Results.Redirect(wristbandAuthorizeUrl);
            } catch (Exception ex) {
                return Results.Problem(detail: $"Unexpected error: {ex.Message}", statusCode: 500);
            }
        })

        ...

    }
}

For more details around the /login implementation, review our Login Endpoint documentation.



Callback Route

Your Callback route path must match the callback URL you configured in the Wristband Dashboard when you created your Wristband OAuth2 Client in previous steps. This should also match the RedirectUri value of your SDK configuration.

// AuthRoutes.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Wristband.AspNet.Auth;

public static class AuthRoutes
{
    public static WebApplication MapAuthEndpoints(this WebApplication app)
    {
        ...
      
        // Callback Endpoint - Route path can be whatever you prefer
        app.MapGet("/auth/callback", async (HttpContext httpContext, IWristbandAuthService wristbandAuth) =>
        {
            // Call the Wristband Callback() method to get results, token data, and user info.
            var callbackResult = await wristbandAuth.Callback(httpContext);

            // For some edge cases, the SDK will require a redirect to restart the login flow.
            if (callbackResult.Result == CallbackResultType.REDIRECT_REQUIRED)
            {
                return Results.Redirect(callbackResult.RedirectUrl);
            }

            //
            // For now, we will wait on adding session and CSRF handling here
            // (that comes later in this guide)...
            //

            // Otherwise, we know that result === CallbackResultType.COMPLETED.
            // From here, we can navigate to your app's home page.
            var appUrl = callbackResult.CallbackData.ReturnUrl ?? "http://localhost:3000/your-react-home-route";
            return Results.Redirect(appUrl);
        }

      ...
    }
}

For more details around the /callback implementation, review our Callback Endpoint documentation.



Logout Route

Your Logout route path can be any value you want.

// AuthRoutes.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Wristband.AspNet.Auth;

public static class AuthRoutes
{
    public static WebApplication MapAuthEndpoints(this WebApplication app)
    {
        ...
        
        // Logout Endpoint - Route path can be whatever you prefer
        app.MapGet("/auth/logout", async (HttpContext httpContext, IWristbandAuthService wristbandAuth) =>
        {
            //
            // For now, we will wait on adding session and CSRF handling here...
            //
            try
            {
                // Call the Wristband Logout() method and redirect to the resulting URL.
                var wristbandLogoutUrl = await wristbandAuth.Logout(httpContext, null);
                return Results.Redirect(wristbandLogoutUrl);
            }
            catch (Exception ex)
            {
                return Results.Problem(detail: $"Unexpected error: {ex.Message}", statusCode: 500);
            }
        });
        
        ...
    }
}

For more details around the /logout implementation, review our Logout Endpoint documentation.

Updated 8 days ago

What’s Next

Let's test your Login endpoint's basic functionality first to verify proper redirection to both Tenant Discovery and Tenant-specific Login pages before implementing the full authentication flow.