ASP.NET Core Identity Notes

1. What is ASP.NET Core Identity?

• A membership system that provides login, registration, roles, claims, and authentication out of the box.
• Manages users, passwords, roles, tokens (for reset/confirmation), and claims-based authorization.
• Built on top of Entity Framework Core.
• Used by Blazor and ASP.NET Core apps for security & access control.

2. Core Components

• IdentityUser
  • Base class for user accounts.
  • Contains properties like Id, UserName, Email, PasswordHash.
  • Extendable via custom user classes.
• IdentityRole
  • Represents a role (e.g., Admin, Manager, Employee).
  • Supports role-based authorization.
• DbContext Integration
  • IdentityDbContext<TUser> extends EF Core DbContext.
  • Creates tables for Users, Roles, Claims, Tokens, etc.
• Identity Services
  • Registered with AddIdentity<TUser, TRole>().
  • Handles hashing, validation, authentication cookies, and token providers.

3. Authentication vs Authorization

• Authentication → Verifies who a user is.
  • Usually login with password or external provider (Google, Microsoft, etc.).
• Authorization → Verifies what a user can do.
  • Based on roles ([Authorize(Roles="Admin")]) or policies ([Authorize(Policy="RequireEmployeeNumber")]).

4. How ASP.NET Identity Works

1. User registers → Info saved in AspNetUsers table.