Skip to content

Identity & Audit

Cephalon.Identity provides the host-agnostic identity capability. Cephalon.Audit provides an audit-history capability for tracking who-did-what.

Click any package name to jump to its source-doc.

PackageNuGet IDMaturityCapabilityWhat it ships
Identity (base)Cephalon.IdentityM3Capability.IdentityIUserContext, IScopePolicy, claim contracts. Host-agnostic.
Identity.AspNetCoreCephalon.Identity.AspNetCoreM3Capability.IdentityBearer + Cookie auth schemes, JWT validation, WithRequireScope integration.
Audit (base)Cephalon.AuditM3Capability.AuditIAuditWriter, IAuditHistoryReader, audit entry types.
Audit.EntityFrameworkCephalon.Audit.EntityFrameworkM3Capability.AuditEF Core-backed audit store.
ScenarioPackages
Bearer JWT authCephalon.Identity + Cephalon.Identity.AspNetCore
Cookie auth (web app)same
Identity in a worker host (no HTTP)Cephalon.Identity only — provide your own IUserContext (e.g. for impersonation in scheduled jobs)
Audit-tracked writesCephalon.Audit + Cephalon.Audit.EntityFramework
Audit-tracked writes + identityAll four packages
appsettings.json
{
"Engine": {
"Identity": {
"Enabled": true,
"Provider": "Bearer",
"Authority": "https://login.acme.example/",
"Audience": "https://api.acme.example",
"ClaimMapping": { "TenantId": "tenant_id" }
}
}
}

Full schema + 5 scenarios (Auth0, Azure AD, Cookie, multi-tenant per-IdP, test): Reference → Configuration → Identity.

{
"Engine": {
"Audit": {
"Enabled": true,
"Provider": "EntityFramework",
"Retention": "365.00:00:00"
}
}
}
public interface IUserContext
{
string? UserId { get; }
string? TenantId { get; }
string? Email { get; }
string? DisplayName { get; }
IReadOnlyList<string> Scopes { get; }
IReadOnlyList<string> Roles { get; }
bool IsAnonymous { get; }
}
public interface IAuditWriter
{
Task WriteAsync(AuditEntry entry, CancellationToken ct = default);
}

Full surface: API Reference → Cephalon.Abstractions.Audit + Cephalon.Abstractions.Authorization.