Quickstart — .NET (Authaz.Sdk)

2 min read·Updated Apr 29, 2026

Authaz.Sdk is the typed .NET client for the Authaz Management API — list users, manage roles, send invitations, run authorization checks, query audit logs.

It's not a Universal Login SDK. End-user authentication in your .NET web app should still go through the standard OAuth 2.0 + PKCE flow (any OIDC library works); use Authaz.Sdk when your server needs to do management work.

Prerequisites#

.NET 8 or 9.
A Management API key from the Authaz dashboard. Store it as AUTHAZ__APIKEY in your secrets / environment / configuration.

Step 1 — Install#

dotnet add package Authaz.Sdk

Step 2 — Register the SDK#

Previous: Quickstart — Hono
Next: Tokens

app.MapGet("/users/{id:guid}", async (Guid id, IAuthazClient authaz) =>
{
    var result = await authaz.Users.GetAsync(id);
    return result.IsSuccess
        ? Results.Ok(result.Value)
        : Results.Problem(result.Error!.Message, statusCode: 500);
});

var result = await authaz.Users.GetAsync(userId);
 
if (result.IsSuccess)
{
    var user = result.Value!;
    Console.WriteLine($"{user.Email} — {user.Status}");
}
else
{
    // Error is a discriminated union
    var problem = result.Error switch
    {
        AuthazError.NotFound nf      => Results.NotFound(nf.Message),
        AuthazError.Unauthorized     => Results.Unauthorized(),
        AuthazError.Forbidden f      => Results.Forbid(),
        AuthazError.Validation v     => Results.ValidationProblem(
            v.Fields.ToDictionary(f => f.Field, f => new[] { f.Message })),
        AuthazError.RateLimited r    => Results.Problem(
            r.Message, statusCode: 429),
        AuthazError.Server s         => Results.Problem(
            s.Message, statusCode: s.StatusCode),
        AuthazError.Network n        => Results.Problem(
            "Authaz unreachable", statusCode: 503),
        _                            => Results.Problem(result.Error!.Message),
    };
}

authaz.Users           // List, get, suspend, activate, sessions, MFA reset
authaz.Applications    // List, create, update, stats, custom domains
authaz.Tenants         // List, create, update, per-tenant OAuth config
authaz.Authorization   // .Roles, .Policies, .Permissions.CheckAsync
authaz.Invitations     // Send, list, resend, revoke, pending count
authaz.Email           // Email provider config + templates
authaz.Auth            // API keys, OAuth credentials
authaz.Audit           // Trail logs (search + list)

app.MapPost("/can/{permission}", async (
    string permission,
    [FromBody] CheckBody body,
    IAuthazClient authaz) =>
{
    var result = await authaz.Authorization.Permissions.CheckAsync(
        new CheckPermissionRequest(
            UserId: body.UserId,
            Permission: permission,
            TenantId: body.TenantId?.ToString()));
 
    return result.IsSuccess
        ? Results.Ok(new { allowed = result.Value!.Allowed })
        : Results.Problem(result.Error!.Message);
});
 
record CheckBody(string UserId, Guid? TenantId = null);

Quickstart — .NET (Authaz.Sdk)

Prerequisites#

Step 1 — Install#

Step 2 — Register the SDK#

Step 3 — Use the client#

Step 4 — Handle the result#

Step 5 — What's on the client#

Step 6 — Run it#

Worked example — authorization check#

Customizing the credential provider#

Adding handlers#

Next steps#