DOTNET DETAIL

Learn Microsoft .NET Technologies

You are here: Home / ASP.NET Core / User Secrets in Asp.Net Core 3.1

User Secrets in Asp.Net Core 3.1

by Leave a Comment

In this tutorial, we are going to cover user secrets in Asp.Net Core 3.1 web application using visual studio code. First, we will understand what is secret manager in asp.net core and then we will implement all the user secrets options (E.g. set, remove, list, clear) in Asp.Net Core 3.1 web API application in step by step.

If you want to store some configuration information that can be accessed by the application during runtime, then the secret manager will help you to store such information. This information may include the web API keys, authenticated token keys, database connection strings, and etc. These are not user specific confidential values, but you still need to store in a very protected place.

Note: – In one of the previous tutorials, we have covered how to integrate react and asp.net core 3.1 application using vs code. So, we will not create a new web API project in this tutorial, we will use the same project which we have created in one of the previous tutorials.

What will you learn in this tutorial?

We will learn these below points in this tutorial.

  • How to enable user secrets in Asp.Net Core 3.1?
  • How to set user secrets in Asp.Net Core 3.1?
  • How to get the list of all the application secrets?
  • How to remove the specific secret from application?
  • How to access the user-secret values using configuration?

How to Implement User Secrets in Asp.Net Core 3.1 Application

Let’s start to implement “user secrets” in asp.net core 3.1 application using visual studio code.

See also  JWT Authentication in Asp.Net Core 3.1

Step # 1: How to enable user secrets in Asp.Net Core?

So, go to the project terminal and then run this below command and it will give you some options that we can use in our application as you do see below in the screenshot.

dotnet user-secrets

It will give us some command options as you do see in the above highlighted area.

Note: – user-secrets are only available for development mode. If you are running production mode, then you will not have to access user-secrets.

Now, we need to add UserSecretsId in the API.csproj file. So, go to project folder structure and then go to the API.csproj file and then add the Id as you do see below in the file’s line # 14.

Note: – Here we are adding simply a guid generated id.

Step # 1: How to set user secrets in Asp.Net Core 3.1?

Now, in this step, we will see how to set user secrets in asp.net core 3.1 application. So, go to the API project terminal and then run the below command to set a user-secret as you do see below in the screenshot.

dotnet user-secrets set “TokenKey” “super secret key”

As you do see above, it has successfully saved the secret key into the secret store. 

Note: – the location of the secret store is the development machine. It is not located in the source code anywhere. It means, if you move your project to another system, then you will not have access to this token key and you will need to recreate the token key.

See also  How to sort record using Angular 6 and ASP.NET Core 2.0

Step # 3: How to get the list of all the application secrets?

In this step, we will see how to get the list of all the application secrets. So, go to project terminal and then run the below command to get the list as you do see below in the screenshot.

=> dotnet user-secrets list

As you do see above, all the secrets are available. 

Step # 4: How to remove the specific user secret?

Now, in this step, we will see how to remove the specific secret from the application secrets. So, run this below command as you do see below in the screenshot.

dotnet user-secrets remove “TokenKey”

As you do see above, the first command removes the TokenKey secret and the second command is getting the list of secrets. But as you see there is no secret configured for this application.

Step # 5: How to clear the user secrets?

Now, in this step, we will see how to clear all the user secrets from the application. So, run the below command and it will clear all the secrets as you do see below in the screenshot.

Note: – If you want to remove or set or clear the secrets from the specific project or a folder location that contains the .csproj file, then you can use the –project or –p flag and project or folder location as you do see below in the screenshot. 

Step # 6: How to access the user-secret values using configuration?

Now, in this step, we will see how to access the user-secret values using the configuration. As you know we are working on a project which we have created in one of the previous tutorials. So,  in one of the previous tutorials, we have discussed JWT authentication in Asp.Net Core 3.1 using vs code. So, in that project we have covered how to create a token as do see below in the file. 

In the above file’s line # 20, we are assigning the token key “super secret key”. But now, we will use the TokenKey from the user secrets using the configuration, which we have created above. Let’s see how to do it in the below file.

Let’s understand the above code changes.

See also  Role Based Authorization in Asp.Net Core 3.0

Line # 17 to 20: here in this block of code, we are injecting the IConfiguration using constructor.

Line # 28: here in this line, we are accessing the token key using configuration.

Now, in the same way we need to change it in the startup class. So, go to the project startup class and then add some changes as you do see below in the file’s line # 64.

JWT Authentication in Asp.Net Core 3.1
Key Vault secrets in Asp.Net Core 3.1

Leave a Reply

Your email address will not be published. Required fields are marked *