Click here to Skip to main content
14,391,415 members

2-Legged OAuth Authentication in .NET (C#)

Rate this:
4.92 (8 votes)
Please Sign up or sign in to vote.
4.92 (8 votes)
5 Jul 2012CPOL
2-Legged OAuth Authentication in .NET (C#)


OAuth is an open standard for authorization. It allows users to approve application to act on their behalf without sharing their password. In this article, I am going to provide details about doing 2-Legged OAuth authentication in C# using library. You can read the full OAuth specification at:

You could find a lot of examples and sample code on how to do it in Java. But I did not find a good enough example to do it in .NET. During one of my assignments, I had to spend considerable time to perform this, so I decided to write this article.


OAuth provides two ways of authentication: 3 –Legged or 2–Legged authentication.

2- Legged authentication means that customer already has access to valid set of OAuth Consumer credentials (key & secret). You need to create a User’s OAuth Token request by signing the request as described in the OAuth Consumer Request Specification. The following OAuth article provides a very extensive detail about what all is required to perform an OAuth Consumer Request.

The main advantage of 2 legged authentication is that the user experience is seamless since no additional User interactions are required to initiate an API session.

Using the code

The code is self explanatory. Use the attached ServiceProvider class to instantiate an OAuth Request. You can use PostData\GetData methods to perform POST\GET requests, respectively.

ServiceProvider provider = new ServiceProvider(serviceUrl, consumerKey, secret);
//Perform a POST requestString response = provider.PostData("application/json", data);

The GenerateRequest function shows how to sign an OAuth Request.   

private HttpWebRequest GenerateRequest(string contentType, string requestMethod)
    var ts = UnixTime.ToUnixTime(DateTime.Now);
    //Create the needed OAuth Parameters.
    //Refer -
    var param = new OAuthParameters() {
    ConsumerKey = _consumerKey,
        SignatureMethod = SigningProvider.SignatureMethod,
        Version = Constants.Version1_0,
        Nonce = NonceProvider.GenerateNonce(ts),
        Timestamp = ts.ToString(),
    //Generate Signature Hash
    var signatureBase = SignatureBase.Create(requestMethod.ToUpper(), _serviceProviderUri, param);
    //Set Signature Hash as one of the OAuth Parameter
    param.Signature = SigningProvider.ComputeSignature(signatureBase, _consumerSecret, null);
    var httpWebRequest = (HttpWebRequest)WebRequest.Create(_serviceProviderUri);
    httpWebRequest.Method = requestMethod;
    httpWebRequest.ContentType = contentType;
    httpWebRequest.Timeout = RequestTimeOut;
    //Add the OAuth Parameters to Authorization Header of Request
    httpWebRequest.Headers.Add(Constants.AuthorizationHeaderParameter, param.ToHeaderFormat());
    return httpWebRequest;


The code is dependent on OAuth.Net library ( You will need to add a reference to the OAuth libraries to compile the code.


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Sumit Chawla
Software Developer (Senior)
United States United States
I am currently working as a Senior Software Developer. My primary skills include .NET, WPF,MSSQL,and C++. I have also worked in ASP.NET, XML, XSL, JavaScript,and Web Automation.
I love to solve problems,and love to do programming. In my idle time i love to explore new technologies and domains.

Comments and Discussions

QuestionIs this an OAuth 1.0 or a 2.0? Pin
Member 132490548-Jun-17 12:08
MemberMember 132490548-Jun-17 12:08 
QuestionIts not working and throwing 401 UnAuthorised if is put query string in url... can you please help. Pin
Susheel Adirala11-Nov-16 0:02
MemberSusheel Adirala11-Nov-16 0:02 
QuestionMost clear implementation I've ever seen Pin
immanuelarun27-May-16 6:02
Memberimmanuelarun27-May-16 6:02 
QuestionThe remote server returned an error: (401) Unauthorized. Pin
Member 1113822331-Jan-16 21:07
MemberMember 1113822331-Jan-16 21:07 
QuestionHelp me Pin
jakss23-Sep-14 1:54
Memberjakss23-Sep-14 1:54 
QuestionWeb Service Pin
jaimeyzv24-Jun-13 8:35
Memberjaimeyzv24-Jun-13 8:35 
QuestionHow to post method details Pin
Amshumanth Sirga18-Jan-13 21:17
MemberAmshumanth Sirga18-Jan-13 21:17 
QuestionHow can use this code in to connect to dropbox account Pin
raosrini22-Nov-12 21:33
Memberraosrini22-Nov-12 21:33 
QuestionUsing Code and oAuth .NET library. It gives an Error Pin
ha_haseebahmad19-Sep-12 3:13
Memberha_haseebahmad19-Sep-12 3:13 
AnswerRe: Using Code and oAuth .NET library. It gives an Error Pin
Sumit Chawla19-Sep-12 8:14
MemberSumit Chawla19-Sep-12 8:14 
AnswerRe: Using Code and oAuth .NET library. It gives an Error Pin
Sumit Chawla11-Oct-12 15:03
MemberSumit Chawla11-Oct-12 15:03 
GeneralMy vote of 5 Pin
Kashif_Imran30-Jul-12 13:44
MemberKashif_Imran30-Jul-12 13:44 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Posted 5 Jul 2012


22 bookmarked