Skip to main content
Prerequisites: Before you begin, ensure you have the following:.NET Version Compatibility: This quickstart works with .NET 8.0, .NET 9.0, and .NET Framework 4.6.2.

Get Started

This quickstart demonstrates how to add Auth0 authentication to a WPF or WinForms desktop application. You’ll configure Auth0, install the SDK, and add login, logout, and user profile display using the Auth0 OIDC Client for WPF and WinForms.
1

Create your application

If you already have a WPF or WinForms project, skip to the next step.
Create a new project and open its directory:
dotnet new wpf -n MyApp
cd MyApp
2

Configure Auth0

To use Auth0 services, you need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you configure how authentication works for your project.

Configure an application

Go to Auth0 DashboardApplicationsApplications and create a new application:
  1. Click Create Application
  2. Enter a name for your application
  3. Select Native as the application type
  4. Click Create
From the Settings tab, note your Domain and Client ID — you’ll need these to initialize the SDK.

Configure Callback URLs

A callback URL is a URL in your application where Auth0 redirects users after they have authenticated. If not set, users will not be returned to your application after they log in.In your Application Settings, add the following to Allowed Callback URLs:
https://{yourDomain}/mobile

Configure Logout URLs

A logout URL is a URL in your application where Auth0 redirects users after they have logged out. If not set, users will not be able to log out from your application and will receive an error.In your Application Settings, add the following to Allowed Logout URLs:
https://{yourDomain}/mobile
3

Install the Auth0 SDK

Auth0 provides separate NuGet packages for WPF and WinForms. Install the one that matches your project type.
Open the Package Manager Console (Tools → NuGet Package Manager → Package Manager Console) and run:
# WPF
Install-Package Auth0.OidcClient.WPF

# WinForms
Install-Package Auth0.OidcClient.WinForms
4

Instantiate the Auth0Client

To integrate Auth0 into your application, instantiate an Auth0Client with your Auth0 Domain and Client ID. Add a private field and initialize it inside the existing constructor in your main window or form.
Open MainWindow.xaml.cs and update it as follows:
MainWindow.xaml.cs
using Auth0.OidcClient;

// In case you have chosen a different name for your application,
// ensure to update the namespace accordingly.
namespace MyApp; 

public partial class MainWindow : Window
{
    private Auth0Client _client;

    public MainWindow()
    {
        InitializeComponent();

        _client = new Auth0Client(new Auth0ClientOptions
        {
            Domain = "{yourDomain}",
            ClientId = "{yourClientId}"
        });
    }
}
5

Add login to your application

Use the SDK’s LoginAsync() method to log users in. When called, it opens a popup window with the Auth0 Universal Login page. After successful authentication, Auth0 redirects to the callback URL, and the SDK returns a LoginResult.First, add a login button to your UI:
Open MainWindow.xaml and add a Button inside the <Grid>:
MainWindow.xaml
<Grid>
    <Button x:Name="LoginButton"
            Content="Log In"
            Width="120" Height="40"
            HorizontalAlignment="Center" VerticalAlignment="Center"
            Click="LoginButton_Click" />
</Grid>
Then add the click handler in MainWindow.xaml.cs:
MainWindow.xaml.cs
private async void LoginButton_Click(object sender, RoutedEventArgs e)
{
    var loginResult = await _client.LoginAsync();

    if (loginResult.IsError == false)
    {
        var user = loginResult.User;
        var name = user.FindFirst(c => c.Type == "name")?.Value;
        var email = user.FindFirst(c => c.Type == "email")?.Value;
        var picture = user.FindFirst(c => c.Type == "picture")?.Value;
    }
}
If there is no error, you can access LoginResult.User, LoginResult.IdentityToken, LoginResult.AccessToken, and LoginResult.RefreshToken on the result.
6

Add logout to your application

Use the SDK’s LogoutAsync() method to log users out. This opens a popup window, redirects to Auth0’s logout endpoint to clear the session, then redirects back to the logout URL you configured.First, add a logout button to your UI:
Open MainWindow.xaml and add a logout Button next to the login button:
MainWindow.xaml
    <Grid>

        <StackPanel HorizontalAlignment="Center" VerticalAlignment="Center">
            <Button x:Name="LoginButton" Content="Login" Width="200" Height="40" 
                    Margin="10" Click="LoginButton_Click" FontSize="16"/>
            <Button x:Name="LogoutButton" Content="Logout" Width="200" Height="40" 
                    Margin="10" Click="LogoutButton_Click" FontSize="16"/>
        </StackPanel>
    </Grid>
Then add the click handler in MainWindow.xaml.cs:
MainWindow.xaml.cs
private async void LogoutButton_Click(object sender, RoutedEventArgs e)
{
    await _client.LogoutAsync();
}
7

Show user profile information

The LoginResult.User property is a ClaimsPrincipal containing the authenticated user’s profile. Query the claims to display user information in your application.
if (loginResult.IsError == false)
{
    Debug.WriteLine($"name: {loginResult.User.FindFirst(c => c.Type == "name")?.Value}");
    Debug.WriteLine($"email: {loginResult.User.FindFirst(c => c.Type == "email")?.Value}");
}
To see all claims returned in the ID token:
if (loginResult.IsError == false)
{
    foreach (var claim in loginResult.User.Claims)
    {
        Debug.WriteLine($"{claim.Type} = {claim.Value}");
    }
}
CheckpointYou should now have a working Auth0-integrated WPF or WinForms application. Run your application and verify that:
  • Clicking the login button opens the Auth0 Universal Login page in a popup window.
  • You can log in or sign up.
  • After authentication, you can access user information from LoginResult.User.
  • Clicking the logout button clears the session and redirects to your logout URL.

Advanced Usage

Check LoginResult.IsError before accessing tokens or user properties. The Error and ErrorDescription properties contain details when authentication fails.
var loginResult = await _client.LoginAsync();

if (loginResult.IsError)
{
    Debug.WriteLine($"An error occurred during login: {loginResult.Error}");
    // loginResult.ErrorDescription contains the full error message
    return;
}

// Safe to access tokens and user here
Debug.WriteLine($"id_token: {loginResult.IdentityToken}");
Debug.WriteLine($"access_token: {loginResult.AccessToken}");
If the user closes the login popup without authenticating, LoginAsync() returns a result with BrowserResultType.UserCancel. This is expected behavior — do not treat it as an error.
To get a new access token without requiring the user to log in again, use RefreshTokenAsync() with the refresh token from the initial LoginResult.
// Request offline_access scope to receive a refresh token
_client = new Auth0Client(new Auth0ClientOptions
{
    Domain = "{yourDomain}",
    ClientId = "{yourClientId}",
    Scope = "openid profile email offline_access"
});

// Store refresh token from initial login
var refreshToken = loginResult.RefreshToken;

// Exchange for new tokens later
var refreshResult = await _client.RefreshTokenAsync(refreshToken);

if (refreshResult.IsError == false)
{
    var newAccessToken = refreshResult.AccessToken;
}
Refresh tokens require the offline_access scope and must be enabled in your Auth0 Application Settings under Refresh Token Rotation.

Additional Resources

SDK Repository

Source code, release notes, and issue tracker for the Auth0 OIDC Client for .NET

User Profiles

Learn about user profile claims and the /userinfo endpoint

Community Forum

Get help from the Auth0 community

Common Issues

Problem: The WebView2 popup window opens and shows the login page, but after entering credentials nothing happens.Solution: The Microsoft Edge WebView2 Runtime is not installed on the machine. Install it from the Microsoft WebView2 download page. WebView2 ships with Windows 11 and recent Windows 10 builds, but must be separately installed on older systems.
Problem: After logging in, Auth0 returns a callback URL mismatch error.Solution: The redirect URI used by the SDK does not match any value in your Allowed Callback URLs in the Auth0 Dashboard. Add https://{yourDomain}/mobile to Allowed Callback URLs in your Application Settings. The SDK uses this URL by default.
Problem: After logging out, Auth0 returns an error about an unrecognized logout URL.Solution: Add https://{yourDomain}/mobile to Allowed Logout URLs in your Application Settings.
Problem: LoginResult.IsError is true but there is no clear indication of the cause.Solution: Check LoginResult.Error and LoginResult.ErrorDescription for details:
if (loginResult.IsError)
{
    Debug.WriteLine($"Error: {loginResult.Error}");
    Debug.WriteLine($"Description: {loginResult.ErrorDescription}");
}
Common causes:
  • The application type in the Auth0 Dashboard is not set to Native
  • OIDC Conformant is not enabled under Advanced Settings → OAuth
  • The JSON Web Token Signature Algorithm is not set to RS256
Problem: LoginResult.RefreshToken is null.Solution: The offline_access scope is required to receive a refresh token. Add it to the Scope option:
_client = new Auth0Client(new Auth0ClientOptions
{
    Domain = "{yourDomain}",
    ClientId = "{yourClientId}",
    Scope = "openid profile email offline_access"
});
Also ensure Refresh Token Rotation is enabled in your Application Settings in the Auth0 Dashboard.