ASP.NET Core Identity - Authentication & Authorization [MVC]

Name: ASP.NET Core Identity - Authentication & Authorization [MVC]
Rating: 4.3 (972 reviews)

Learn Authentication & Authorization in ASP.NET Core (.NET 8) as we explore Identity Library with MVC and Razor Library

Created byBhrugen Patel - (DotNetMastery | Microsoft MVP | 300k+ Students), Bhrugen Patel - Microsoft MVP | 300,000+ Students

Last updated 2/2026

English

What you'll learn

ASP NET Core Identity with MVC
Authorization with Roles
Implementing Two-Factor Authentication
Implementing Sign Up and Sign-in using with E-mail confirmation
User, Claims and Role Management
Scaffold Identity Library
Two Factor Authentication with MVC
External Logins in MVC
Policy Management
Custom Handler and Requirements

Course content

10 sections • 105 lectures • 6h 28m total length

Welcome3:12
ASP.NET Core Identity4:04
Get most out of the course0:44
Demo and what this course is not about3:41
Authentication and Authorization3:40
Cookies vs Token based auth2:31
Token vs cookie auth flow2:24
Asp.net core identity structure and architecture4:12
Explore how asp.net core identity uses a store and role store as a data access layer with interfaces, and how user manager, role manager, and the sign-in manager extend authentication.
Roles and claims2:35
Tools needed0:28
Project resources1:30
Create Project1:10
16 Run Project0:58
17 Add Connection String1:53
18 Add DbContext to Project3:57
Configure Entity Framework Core by creating application DbContext, installing SQL Server and Entity Framework Core packages, and set up Identity using IdentityDbContext for authentication and authorization with code-first data access.
19 Configure DbContext in Program Class File3:55
20 Create Database2:38

Add Identity Service4:14
Add column to Users Table3:20
Extend the default ASP.NET identity user with an application user class, add properties like name, configure a dbset in the context, and run migrations to add new columns.
Login and Register View Models2:49
Register View6:50
Login Partial Custom View1:43
Register First User5:31
Discriminator Column2:52
Register users and observe the discriminator column indicating identity user versus application user. Change program.cs to use application user, and inject user manager and sign in manager for registration.
Handle Errors1:57
Display Signed In User3:57
Logout in Action1:09
Login View2:40
Create the login view in ASP.NET Core Identity MVC, wire it to the account controller, and scaffold a Razor login view with remember me and register links.
Login in Action2:41
Return Url in Action5:06

Default Password Requirements2:15
Lockout in Action4:03
Forgot Password View2:28
SendGrid Setup3:25
Learn how to implement password reset emails in an ASP.NET Core Identity MVC app using SendGrid, including setting up a domain-verified sender and integrating the SendGrid NuGet package.
Email Sender5:38
Reset Password Token7:24
Implement a secure forgot password flow by sending a confirmation email, injecting an email sender, generating a reset token, and validating the code via a reset password endpoint.
Reset Password View Model1:39
Reset Password View3:01
Reset Password in Action6:37
Confirm Email3:01
Confirm Email in Action3:52
Validate the token and confirm the user's email using the user manager, retrieving the user by id and directing to success or error views in ASP.NET Core Identity MVC.

2 Enable Authenticator Get Endpoint3:08
Implement an enable authenticator get endpoint that generates a new authenticator key, builds a two factor authentication view model with a token, and returns it to the authorized user.
3 Enable Authenticator View3:24
4 Enable Authenticator Post Login5:47
5 Setup Two Factor Auth on Account4:00
6 Verify Authenticator Get Action4:24
Set up a two factor authentication flow by adding a verify authenticator code GET endpoint and a verify authenticator view model with code, return URL, and remember me.
7 Verify Authenticator View1:53
Build a verify authenticator view and its view model to enter the Microsoft Authenticator code, handle the return URL, and post to an endpoint that signs in.
8 Two factor Auth in Action3:34
Implement a post endpoint to verify authenticator codes, apply anti-forgery validation, and use two-factor authenticator sign-in to secure login flows with a return URL and remember options.
9 What happens if key is reset1:49
10 QR Code in Action6:38
Implement two-factor authentication by integrating a qr code generator and authenticator uri in an mvc app, using a JavaScript qr code file and encoding issuer and email into the url.
11 Button to reset two factor auth2:33
12 Reset two factor auth key1:54

1 Claim Store2:36
Explore using claims with ASP.NET Core Identity to control access, creating a claim store with create, edit, and delete claims and integrating them with roles for authorization.
2 Manage User Claim Get Endpoint4:02
3 Manage User Claim POST Endpoint2:45
Implements a post endpoint to manage user claims by retrieving existing claims, removing old ones, and adding new claims from a multi-select claims view model, with validation and error handling.
4 Claims View2:45

1 Assign Roles to Accounts2:55
Assign and display multiple roles for users by updating account and user controllers to fetch roles with get role async, join them with commas, and show them correctly.
2 Setup Project for Access Checker4:07
3 Setup Layout Links3:15
4 Allow Anonymous and Authorize2:02
5 Role Access3:37
6 Policy based Authorization3:34
7 Policy vs Role based Authorization3:00
8 Display Claim Type2:47
Explore policy-based authorization with ASP.NET Core Identity by creating admin claims, displaying claim types, and retrieving claims, noting that claim type is not case sensitive while claim value is.
9 Policy based authorization with Claims3:10
Learn to implement policy-based authorization by requiring an admin role and a create claim, configure the policy in code, and enforce it on an endpoint.
10 Policy with multiple claims1:26
11 Func Type with policy based authorization7:57
12 Saperating Function Logic2:21
13 Requirement and handlers4:00
14 Custom Authorization Requirement Handler with Roles8:32
Implement a custom authorization handler to restrict role deletion to superadmins by creating a Superadmin checker, implementing IAuthorizationRequirement, and wiring it into a policy in program.cs.
15 Date Created Column2:22
16 Special Page and Service to get age of Account4:30
17 Custom Handler in Action9:19
18 Setup Project for Claims Assignment4:56
Add a first name claim for the user, refresh on login, and implement a custom policy and handler in program.cs to grant access when the name contains a string, case-insensitive.
19 Custom handler with claims6:53

Requirements

Basic SQL Server knowledge
6months of experience with C#
Basic knowledge of ASP NET Core

Description

Learn important skills for the new identity system for ASP.NET Core. Many times with the built in code developer misses the core concepts behind security in ASP.NET Core or how the Identity Razor class library behaves!

ASP.NET Core now includes the new identity system, which replaces the legacy membership system in ASP.NET. It is essential that software engineers learn these relevant skills and apply them when developing MVC applications if they do not want to combine razor pages with MVC

In this course we will build custom code with MVC for Identity Management similar to Identity Razor class library but with MVC. That way you can learn to stick with just one technology in your project.

Once we develop authentication with MVC and learn how to customize it.

We will also learn advance topics in authorization, as we start with basics and learn to dive into roles, claims and custom policy by building handlers, requirements and much more!

Authorization and User Management is a must in real world projects, and that is exactly what we will learn in this detailed course!

Course has been built using the latest .NET 8!

There is no course on Udemy that comes close the the topics explained in this course. I hope to see you guys in the learning journey!

Who this course is for:

Anyone who wants to implement .NET Core Identity library with MVC
Anyone who wants to explore advanced authorization in details with ASP NET Core

ASP.NET Core Identity - Authentication & Authorization [MVC]

What you'll learn

Explore related topics

Course content

Introduction17 lectures • 44min

Login and Registration13 lectures • 45min

Lockout, Reset and Confirm Email11 lectures • 43min

Two Factor Authentication11 lectures • 39min

Role Management6 lectures • 22min

User List10 lectures • 33min

Assign Role to User7 lectures • 32min

Claim Management4 lectures • 12min

Roles Policy and Requirements in .NET19 lectures • 1hr 21min

Single Sign On7 lectures • 38min

Requirements

Description

Who this course is for: