Introduction To The ASP.Net Identity Preview


Microsoft revealed the preview of ASP.NET Identity last week. There are some issues in the previous release, so the update fixes the issues and there are also new features like Account Confirmation, Password Reset, and so on. The previous version of ASP.NET Identity is version 1.0.0 and now the new version is 2.0.0-alpha1.
You can have the ASP.NET Identity preview by the NuGet Package Manager from the NuGet Packages. If you want to install it manually then open the Package Manager Console and enter the following commands:
  • Install-Package Microsoft.AspNet.Identity.EntityFramework -Version 2.0.0-aplha1-Pre
  • Install-Package Microsoft.AspNet.Identity.Core -Version 2.0.0-aplha1-Pre
  • Install-Package Microsoft.AspNet.Identity.Owin -Version 2.0.0-aplha1-Pre
Or from the NuGet Package: Select "Include Prerelease" and go to the Updates section as shown below:
Identity Update in NuGet Package
The following issues are fixed by it.
Account Confirmation
Now the new ASP.NET Identity supports the Account Confirmation. For example, there are various websites following this feature in which, when you register and create a new account, you are required to confirm your email before you could do anything on the website. This is the very essential feature because it prohibits fake accounts from being created. This feature is very useful in the websites like Forum sites, banking, e-commerce, and social web sites in which the email method is used for communication. You need to configure the SMTP Server for sending emails.
Password Reset
If you forgot the password to register, now you can reset the password from this feature.
Security Token Provider
Support a way to regenerate the Security Token for the user in cases when the user changes their password or there is any security-related info, like removing a login associated with sites like Facebook, Google, and so on. This feature is used to provide an extra security layer for the application since when you change your password, you will logout from everywhere.
For configuring this you can do it from Startup.Auth.cs as shown below:
  1. app.UseCookieAuthentication(new CookieAuthenticationOptions  
  2. {  
  3.     AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,  
  4.     LoginPath = new PathString("/Account/Login"),  
  5.     Provider = new CookieAuthenticationProvider  
  6.     {  
  7.         OnValidateIdentity=SecurityStampValidator.OnValidateIdentity<UserAppManager, ApplicationUser>  
  8.             (  
  9.             validateInterval: TimeSpan.FromSeconds(3),  
  10.             regenerateIdentity: (manager,user) => user.GenerateUserIdentityAsync(manager))  
  11.     }  
  12. }); 
Support of IQueryable on Users and Roles
Now you can easily get the list of Users and roles from the added support for IQueryable on UsersStore and RolesStore.
Delete from UserManager
You could not delete the user in Identity version 1.0.0, but here this issue has been fixed.
UserManagerFactory Middleware
We can use the Factory implementation to get an instance of UserManager from the OWIN context. This is similar to what we use for getting AuthenticationManager from OWIN context for SignIn and SignOut.
  1. app.UseUserManagerFactory(new UserManagerOptions<UserAppManager>()  
  2. {  
  3.     DataProtectionProvider = app.GetDataProtectionProvider(),  
  4.     Provider = new UserManagerProvider<UserAppManager>()  
  5.     {  
  6.         OnCreate = UserAppManager.Create  
  7.     }  
  8. }); 
DbContextFactory Middleware
The ASP.NET Identity uses the Entity Framework for remaining the Identity system in SQL Server. Identity System has a reference of ApplicationDbContext for doing this.
  1. app.UseDbContextFactory(ApplicationDbContext.Create); 
Updating the Identity 1.0.0 application to 2.0.0
As you know, there are two new features added in this release, so apart from this, there are two properties that are added in this release named "Email" and "IsConfirmed" for the IdentityUser class. If you update the package to 2.0.0 in an existing app that is using the 1.0.0 then there is an error that occurs since the underlying Entity Framework Model has been changed. For more info go to the Working With ASP.NET Identity 2.0.0.


This article has introduced you to the new version of ASP.NET Identity, in other words, 2.0.0-alpha1. You can also learn to upgrade the existing application (using 1.0.0) to a new version and also a few characteristics. There are still many bugs to fix, therefore they'll come in the final version of the RTM. Thanks for reading.