How to Build a Login and Registration System Using ASP.NET Core Identity

Creating a secure and reliable user authentication system is a common requirement in web applications. ASP.NET Core Identity is a robust framework provided by Microsoft to handle user registration, login, roles, and more. In this guide, we’ll walk through how to build a login and registration system using ASP.NET Core Identity in a way that’s simple and beginner-friendly, with sample code to get you started.

What Is ASP.NET Core Identity?

ASP.NET Core Identity is a membership system that adds login functionality to your application. It handles everything from password hashing to user management, role-based access, and security.

Create a New ASP.NET Core Web Application

To begin, open Visual Studio and follow these steps:

1. Create a new project → Select ASP.NET Core Web App (Model-View-Controller).
2. Name your project (e.g., AuthDemo).
3. Choose .NET 6 or later.
4. Make sure Authentication Type is set to Individual Accounts. This will automatically set up Identity for you.

Visual Studio scaffolds the necessary Identity files for you.

Understand the Project Structure

The Identity system adds:

• Areas/Identity: Contains Razor Pages for login, registration, etc.
• ApplicationDbContext: This is the database context that includes Identity tables.
• IdentityUser: A default user model provided by the system.

You don’t need to write everything from scratch because these are already built-in.

Run Database Migration

To set up the database with Identity tables:

dotnet ef migrations add InitialCreate
dotnet ef database update

dotnet ef migrations add InitialCreate
dotnet ef database update

This creates tables like AspNetUsers, AspNetRoles, and others needed for authentication.

Register and Login Functionality

If you selected Individual Accounts during project setup, you already have:

• /Identity/Account/Register — for new users
• /Identity/Account/Login — for login

You can customize the UI if you need to by scaffolding Identity:

dotnet aspnet-codegenerator identity -dc ApplicationDbContext

dotnet aspnet-codegenerator identity -dc ApplicationDbContext

Choose the pages you want to override (like Register, Login, etc.).

Example: Customizing the Register Page

Open the Register.cshtml.cs file. Here’s how you can extend it to include a new field (e.g., Full Name):

public class InputModel
{
    [Required]
    [EmailAddress]
    public string Email { get; set; }

    [Required]
    [Display(Name = "Full Name")]
    public string FullName { get; set; }

    [Required]
    [DataType(DataType.Password)]
    public string Password { get; set; }

    [DataType(DataType.Password)]
    [Display(Name = "Confirm password")]
    [Compare("Password", ErrorMessage = "Passwords do not match.")]
    public string ConfirmPassword { get; set; }
}

public class InputModel
{
    [Required]
    [EmailAddress]
    public string Email { get; set; }

    [Required]
    [Display(Name = "Full Name")]
    public string FullName { get; set; }

    [Required]
    [DataType(DataType.Password)]
    public string Password { get; set; }

    [DataType(DataType.Password)]
    [Display(Name = "Confirm password")]
    [Compare("Password", ErrorMessage = "Passwords do not match.")]
    public string ConfirmPassword { get; set; }
}

Then store it in the database by extending IdentityUser.

Add Custom User Properties

To store more user information, create a new class that extends IdentityUser:

public class ApplicationUser : IdentityUser
{
    public string FullName { get; set; }
}

public class ApplicationUser : IdentityUser
{
    public string FullName { get; set; }
}

Then update ApplicationDbContext:

public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
{
    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
        : base(options)
    {
    }
}

public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
{
    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
        : base(options)
    {
    }
}

And finally, register it in Program.cs:

builder.Services.AddDefaultIdentity<ApplicationUser>()
    .AddEntityFrameworkStores<ApplicationDbContext>();

builder.Services.AddDefaultIdentity<ApplicationUser>()
    .AddEntityFrameworkStores<ApplicationDbContext>();

Now your custom fields (like Full Name) are stored in the database.

Redirect After Login

If you want to redirect users after they log in, update the Login.cshtml.cs:

await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
return LocalRedirect(returnUrl ?? "/Dashboard");

await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
return LocalRedirect(returnUrl ?? "/Dashboard");

Protect Pages Using Authorization

Add the [Authorize] attribute to controllers or pages you want to protect:

[Authorize]
public class DashboardController : Controller
{
    public IActionResult Index()
    {
        return View();
    }
}

[Authorize]
public class DashboardController : Controller
{
    public IActionResult Index()
    {
        return View();
    }
}

Users will be redirected to the login page if they’re not authenticated.

It’s easier than ever to build a login and registration system using ASP.NET Core Identity, thanks to the framework’s built-in support for authentication and user management. By using scaffolding, Entity Framework migrations, and customization options, you can quickly build secure and scalable login systems.

To recap, we showed how to:

• Set up an ASP.NET Core MVC project with Identity
• Run migrations for user tables
• Customize registration and login forms
• Extend IdentityUser to store more user data
• Use [Authorize] to protect routes

Whether you’re creating a simple app or a production-grade system, you can confidently build a login and registration system using ASP.NET Core Identity with just a few lines of code and the right setup.