ASP.NET Identity is the new membership system for building ASP.NET web applications. ASP.NET Identity allows you to add login features to your application and makes it easy to customize data about the logged in user.
[Update] Please visit ASP.NET Identity for getting the latest information about ASP.NET Identity project and learning more on how to get started and migrate from earlier membership systems.
Features
Following are some of the feature of the ASP.NET Identity system
- One ASP.NET Identity system
- ASP.NET Identity can be used with all of the ASP.NET frameworks such as ASP.NET MVC, Web Forms, Web Pages, Web API and SignalR
- Ease of plugging in profile data about the user
- When you create new users in your application, it is now easy to add extra information about the user. For eg.. if you wanted to add a Birthdate option for users when they Register an account in your application.
- ASP.NET Identity uses Entity Framework Code First and it is possible to extend the POCO classes.
- Persistence control
- By default the ASP.NET Identity system will store all the user information in a database. ASP.NET Identity uses Entity Framework Code First to implement all of its persistence mechanism.
- If your application requirements are that this information might be stored in a different storage mechanism such as SharePoint, Azure Table Service, No Sql databases etc. it is now possible to plug in different storage providers.
- Unit testability
- ASP.NET Identity makes the web application more unit testable. You can write Unit Tests for the parts of your application that use ASP.NET Identity
- Simple Role provider
- There is a Simple Role providers which lets you restrict access to parts of your application by Roles. You can easily create Roles such as “Admin” and add Users to Roles.
- Claims Based
- ASP.NET Identity supports claims-based authentication, where the user’s identity is represented as a set of claims. There is a Claims
- External Logins
- You can easily add external logins such as Microsoft Account, Facebook, Twitter and Google to your application store the user specific data in your application using this system.
- You can also add login functionality using Windows Azure Active Directory and store the user specific data in your application using this system.
How do I get it?
ASP.NET Identity is used by ASP.NET Web Forms, MVC and SPA templates in Visual Studio 2013. it is also available as Nuget packages on the Nuget gallery
- Nuget packages
- Microsoft.Aspnet.Identity.Core
- This package contains the core interfaces of ASP.NET Identity.
- Microsoft.Aspnet.Identity.Core
- Microsoft.Aspnet.Identity.EntityFramework
- This package contains the implementation of ASP.NET Identity system which works with Entity Framework. This means that if you use this package then you can store information in a Sql Server database.
- VS 2013 preview
- The ASP.NET Web Forms, MVC and SPA templates have 1.0.0-alpha1 version of ASP.NET Identity
- ASP.NET and Web Tools 2013 Preview Refresh (Supports English version of VS2013 Preview only)
- The ASP.NET Web Forms, MVC and SPA templates have 1.0.0-beta1 version of ASP.NET Identity
- You can download the Preview refresh by clicking the above link
- Following are the notable changes from 1.0.0-alpha1 – 1.0.0-beta1
- In these templates you no longer need IdentityConfig.cs
- Lots of public APIs were changed for renames and refactoring of code.
- Transactions support was added to the framework.
Sample to add profile data
The following video video(mark 55min) https://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/DEV-B314#fbid=fEhPNbmXE9- gives you a sneak peak into the features.
You can download a sample from https://github.com/rustd/AspnetIdentitySample. This is based on the ASP.NET MVC template that shipped with ASP.NET and Web Tools 2013 Preview Refresh (Supports English version of VS2013 Preview only) Once you have this Preview Refresh installed you can do the same for ASP.NET Web Forms and SPA applications.
Please do stay tuned to this blog for upcoming posts where I will dive into the various other features in this system.
Cool. Are you going to open source this library? Right after it become final?
Hi,
Seems to be very nice!
What if I already have a designed Database to manage Users and I am using Database First strategy for EF?
Can I get it running on my current ASP.Net 4.5(.0) projects?
thank you very much
Alberto
For those of you, preferring custom membership database schema and database-first development, see:
github.com/…/MembershipDatabase
1. Can I use old membership database from SimpleMembership (MVC4) with this new membership system?
2. And what should I do if I have a lot of members in database using SqlMembershipProvider (Old ASP.NET Web Forms) already? can I migrate the data or else to smooth transition process as possible?
Thank you
This looks like a clean and configurable implementation. One thing that I can't figure out (or maybe it's impossible?) is that I have to use a class name other than User (like MyUser or CustomUser) for my user model (because its base class is Microsoft.AspNet.Identity.EntityFramework.User and for some odd reason Entity Framework cannot create database model when both classes share the same simple name). It's not really nice to use MyUser throughout the project.
Anyway, some documentation would be nice.
I'd love to see some other mechanism for plugging in a custom DbContext model. For example:
var db = new DatabaseContext();
IdentityStoreManager.RegisterUserStore(context: db, usersStore: db => db.Users, userId: u => u.UserID, userName: u => u.LoginName);
So that consumers could not only use a custom db context, entity models but also their own property names, which may differ from what is defined in Microsoft.AspNet.Identity.Core
this is still does not support the default registration process on a website.
1. Register with e-mail
2. Confirm mail account
3. Login
Also resending forgotten password is not supported?! How can i add that?
@piggy, suthep you should be able to implement custom stores to integrate your existing databases. We will definitely have more information/blog posts about how to do this for RTM if not sooner.
I would also like to see a configuration example. I already have a table named Users I would like to reuse.
@daniel, We don't have the email registration/password reset out of box, but a community SPA template shows how to do it really well with WebAPI in VS2012.2, please check http://www.asp.net/…/backbonejs-template.
i was working on something similar to this for our applications needs. It seems that there's something missing with your schema that a lot of users would need (well… i think). I think your schema should be Applications aware. What if i need to have different Roles in each Applications that i have?
For exemple, all my users are in ActiveDirectory. To gain access to an application, an user must be in a Role of that application.
Is it possible to do that easly with the new Asp.net Identity? I ask you that because it seems that the SimpleMembershipProvider and your new Asp.net Identity are for one application only.
alex
This is cool. I will have to read more on ONE ASP.NET and this Asp.net Identity. VS 2013 will be so cool
I agree with AlexandreJobin. If this is planned to support only one app then it might be good to state so upfront so we don't waste much time hoping the RTM will be different.
it would be great to hear a member of the Asp.Net Identity team about if it will be for single application only or if we will be able to have a strategy per application. It's still the time to think about it before the beta release 🙂
It would be great with example that can reuse my User class that uses Int32 for user id instead of Guid.
Really missing some documentation for configuration.
Also will this be open sourced?
Hi I'd like to second both @Piggy's and @Martin's comments.
…basically, this new Identity seems like a clean solution, but most of us will have an existing database and are already using Int32 for the identity field of an existing Users table.
How can we integrate this? Many of us don't have the luxury of using File>New
A basic blog post would be great showing how to connect Identity to an existing system (as in how to tweak the Identity defaults instead of existing databases.)
I'm trying to customize the membership system that's included with MVC 5 and Visual Studio 2013, using the Microsoft.AspNet.Identity classes. The databases are created by Entity Framework, but it fails at trying to register a local account. I've posted my code to StackOverflow (URL below), so I won't post it all here. Could someone take a look at what I've done and let me know why it's failing?
stackoverflow.com/…/custom-membership-with-microsoft-aspnet-identity-createlocaluser-fails
Thanks so much,
Vito
Where is example to add user Role.
Is there any information available on how to work with the identity system and use a custom storage provider?
Between the Video, Sample and a search no the net, I find examples that uses user level Identity. So far I'm not finding any examples that use the Simple Role Provider functionality.
In IRoleStore, wouldn't it be more semantically correct to call the method GetUsersInRole, rather than GetUsersInRoles since you are getting the users in a single role, not multiples roles.
@Vance: thank you for pointing it out. We'll update the API
This is a great feature!!! How can I get this to work with the LightSwitch HTML client?
Why Microsoft.Aspnet.Identity.EntityFramework have these two dependencies?
Microsoft.Owin.Security.Forms (≥ 1.1.0-beta2)
Microsoft.Owin.Host.SystemWeb (≥ 1.1.0-beta2)
It doesn't use those in the code.
I installed this preview refresh, created a new web project, and just ran it, but the login page didn't work,
the error message:
No owin.Environment item was found in context.
just like this post
connect.microsoft.com/…/new-webform-app-login-crashes-no-owin-environment
One question…does the IdentityDbContext actually work for Roles?
because all of these return true yet absolutely nothing is written to the database. there are also no exceptions.
if (await AuthenticationManager.CheckPasswordAndSignIn(HttpContext, model.UserName, model.Password, model.RememberMe))
{
var createRole = await RoleStore.CreateRole(new Role("amazingRole"));
var result = await RoleStore.AddUserToRole("amazingRole",model.UserName);
var exists = await RoleStore.RoleExists("amazingRole");
return RedirectToLocal(returnUrl);
}
never mind.
calling SaveChanges could be a good idea 😀
Ok but this makes me wonder why RoleStore doesn't expose the DataContext like IdentityStoreManager and IdentityAuthenticationManager ?
Don't really see a real need in creating a custom class which uses RoleStore as base just to get the context property.
Are there any samples out there on how to use RoleStore correctly?
Doesn't work for me because of this bug: connect.microsoft.com/…/new-webform-app-login-crashes-no-owin-environment
Any ideas when it will be fixed?
@Suthep: There will be a blog post to outline how to migrate from an existing database
@Hani: I have filed a bug for it internally
@Daniel: There will be support for this sometime in the future
@Martin, @Manpreet, @Koen: There will be blog posts for addressing you scenarios soon
@Luiz: The Identity system works with the OWIN middleware for features such as sign on and OAuth authentication. Hence the dependency
@Looooooka: There will be a blog post explaining using Roles pretty soon
Are there plans to make Microsoft.Aspnet.Identity.AzureStorage ?
I am also waiting for information on how to use the "Role" feature. I have searched all over the place and cannot find any info.
Still waiting for some documentation. Also when will the asp.net mvc 5 templates be updated so they are working with the updated nuget packages?
@Martin, we cannot disclose the release dates. We'll sure have more samples coming. Do check the sample showed in the post: github.com/…/AspnetIdentitySample, you might gain more answers there.
I'd like to see some information on how to use the new system with a Windows 8/8.1 C# app.
How can i add role ? Can not find anything.
How about one version using the azure infrastructure, like Azure table storage or ACS?
In the RC1 nuget, why does Microsoft.AspNet.Identity.OWin has a dependency on EntityFramework? Which part still uses EntityFramework? Want to replace with an Azure Storage only implementation.
@sprinkle: This issue will be fixed in the RTM version of the package
The video channel9.msdn.com/…/DEV-B314 # fbid = fEhPNbmXE9-shows how to add variables to the user profile.
And how can you change the user profile variables and update?
How can I get a list of all users to create an admin dashboard?
@LeusKapus: As of now there is no API that returns IQueryable type with list of either users or roles. For the current bits you need to use the DBContext class directly to get the list of users
@suhasbj Why there is no answer about the azure storage implementation? You don't have plans, time, is there a reason that it's not a good idea?
@Luiz Bicalho: I do agree that the Azure storage implementation is a good idea. I got in touch with the crew and there will be a sample for this which we will release as a Nuget package which the users can then build upon.
Understanding that you can't reference future release dates I'm wondering how things synch up now that VS2013 RTM _is released. Should we consider MVC5 as in RTM state? Is it Open Sourced? Any state changes to this version of the membership system (including docs) given the RTM state?
much appreciated.
@am.steve: we released VS2013 RC. When The RTM version will be released, it will have the MVC5 RTM version. There are a couple of changes in the Identity API from RC to RTM but that will be fully documented in the RTM release. Majority of our web stack such as MVC, Web API, Web Pages, SignalR is already sourced and you can get more information http://www.asp.net/open-source
In VS 2013 I create a web Forms with Individual User Accounts and I use ASP.NET Identity , my Login works and I change web config as
<authentication mode="Forms" >
<forms loginUrl="/Account/Login" defaultUrl="default.aspx" protection="All"></forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
When I host my project in IIS ,the problem is that it works at first, after I sign off and login it works correctly , but when I close ie and open the link again the login page does not direct to default page .
User Name and Password is working because when I enter a incorrect one I get the "try again" message.
I restart the iis the login works and after I enter username and password and press login the default page appears .
form
If you come across this page for more information about ASP.NET Identity, this latest video (October 30, 2014) may useful to you:
channel9.msdn.com/…/DEV-B314
Hi All,
Great functionality! Has a target date for the release of ASP.NET Identity?
Thanks…
What if I want to create a many to many or one to many relationship from the user account to some other table in my custom database? Let's say, one user can attend many courses and one course can be teached by only one user.
Should I somehow copy everything in the same database?
What if I want to create a many to many or one to many relationship from the user account to some other table in my custom database? Let's say, one user can attend many courses and one course can be teached by only one user.
Should I somehow copy everything in the same database?
The usual Microshit b*ll*cks with totally unusable code and no working examples. Spotty kids rule again as usual …
Hi, will you update these examples with current version please.
Also, can we add dynamic roles to controllers.
Did anyone proof-read this stuff?!
2nd sentence under bulleted item "Claims Based" reads "There is a Claims". This appears to be an incomplete sentence, at best. What the hell is that supposed to mean?
“How do I get RID OF it?” would be more useful.
Nicely explained.