Introduction to ASP.NET Identity

ASP.NET Identity API is used for managing user credentials. It replaces the older ASP.NET Membership system. The new ASP.NET Identity 2.1  version brings some of the cool new features.

ASP.NET MVC User Management

ASP.NET Identity helps us to manage the user accounts.  It allows users to self-register on the site.  It allows users to select user id and password. Users can also register using the social login providers such as facebook, google, twitter etc. ASP.NET MVC Identity uses the entity framework Code first and OWIN.

We have created a four-part step by step tutorial, which helps you to ASP.NET Identity User Management system from Scratch and explains each component in details

  1. Introduction to ASP.NET Identity
  2. ASP.NET Identity Tutorial – Getting Started
  3. ASP.NET Identity Tutorial – OWIN Authentication Middleware
  4. ASP.NET Core Identity

Brief History of ASP.NET Membership system

ASP.NET used the forms authentication system to authenticate users to the web application. Forms Authentication uses an authentication cookie.  When a user logs in his credentials are verified by querying the information from the data store.  The Forms Authentication then issues a cookie with user credentials embedded into the cookie. Subsequent requests coming to the application must contain the cookie which is validated by the forms authentication. If the valid cookie is found, then the request is granted else the user is presented with a login page and asked to enter valid credentials.

Starting from ASP.NET 2.0 introduced the Membership provider.  Simple Membership made an entry in ASP.NET 4.0.  A Universal Membership provider in ASP.NET 4/4.5.   All these Membership providers used the abstract base class to manage the user credentials. Internally they all used Forms Authentication to Provide the Security.

History of Membership In ASP.NET
History of Membership In ASP.NET

Why change

The ASP.NET membership has worked well over the years.  At the same time developing the web application has also evolved a lot.  The Developers want their users to log in using the social accounts so that they can be provided with rich user experience.   Unit testing of authentication code has become a concern for the application developers. Two-factor authentication has become an essential feature of the applications.

The ASP.NET has changed a lot over the years. MVC has become the new way of developing the web applications. Microsoft has come with new frameworks like Web API and SignalR.

It is clear that the old Membership system will not be able to keep up the pace with new developments happening in the Web development space. Microsoft needed a complete overhaul of the Membership system.

Features of ASP.NET Identity

The new ASP.NET Identity system provides some great features

One ASP.NET

One ASP.NET was introduced in Visual Studio 2013. ASP.NET Identity follows One ASP.NET approach. It  can be used across all of the ASP.NET frameworks, such as ASP.NET MVC, Web Forms, Web API and SignalR

User Management

ASP.NET Identity comes with API to handle Creating, Editing and deleting of users.

Control over schema

The Developer has now complete control over the user information. You can easily extend the user profile information to include more user information like date of birth or any other information. Identity uses the entity framework code first to store the user related information to the database. You can change the database schema and data type of the primary key. Identity also provides control over the data persistence. Since it uses the Entity Framework, it can be used to persist data in any datastore supported by EF.

TTwo-factorAuthentications using email/SMS.

Two-factor authentication is a process where the user is authenticated by a combination of two different methods. For Example password and sending a security code to users registered email or Mobile. Two-factor authentication adds a second level of authentication to an account login process.

Account Confirmation Mail

The Account Confirmation email can be sent to the user to verify the email ID.

Account Lockout

Account lockout feature disables the user accounts if the user enters the wrong password for a specified number of times over a short duration.

Unit test

You can unit test your login/Register actions using the unit test framework as it is now simple to mock the identity framework.

Roles Management

Roles are similar to Roles in the old membership system. These are stored in a separate table.  You can Create, Edit and delete roles

Claims Management

The claim is a piece of information about the user. It could be his name, his ID, email or anything that is important to the application you build. They are stored as a name-value pair. Claims allow developers to add lots more information about the user than the simple username-password provided by the old membership system.

Read the article Introduction to claims from MSDN

External Identity Providers

Users can now log in using any of the social login providers like Facebook, google+, linked in etc. External Identity providers for Active Directory/ Azure Active Directory Is also available.  You can also roll out your own Identity Providers if any of the above does not suit you.

OWIN Integration

ASP.NET Identity uses OWIN to generate cookies and do authentication. It is not required use OWIN for Identity. You can also use the Forms Authentication module to do the same.

Decoupled

ASP.NET Identity is now not part of the ASP.NET framework. This means that development, upgradation and bug fixes are not dependent on the framework.  New features and bug fixes can be released quickly.  The identity is now available as a download from NuGet packages.

Conclusion

That concludes the brief introduction to the ASP.NET Identity System.

Further Reading

Here is the link to the tutorial which creates an ASP.NET Identity from Scratch and explains each component in details

  1. Introduction to ASP.NET Identity
  2. ASP.NET Identity Tutorial – Getting Started
  3. ASP.NET Identity Tutorial – OWIN Authentication Middleware
  4. ASP.NET Core Identity

2 thoughts on “Introduction to ASP.NET Identity”

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top