| title | Create an ASP.NET web app with an Azure Managed Redis cache | |
|---|---|---|
| description | In this quickstart, you learn how to create an ASP.NET Core web app with an Azure Managed Redis cache. | |
| ms.date | 01/30/2026 | |
| ms.topic | quickstart | |
| ms.devlang | csharp | |
| appliesto |
|
|
| ai-usage | ai-assisted |
This sample shows how to connect an ASP.NET Core Web API to Azure Managed Redis by using Microsoft Entra ID authentication with the DefaultAzureCredential flow. The application avoids traditional connection string-based authentication in favor of token-based, Microsoft Entra ID access, which aligns with modern security best practices.
The application is a minimal ASP.NET Core 8.0 Web API that:
- Establishes a secure, authenticated connection to Azure Managed Redis at startup.
- Exposes a simple REST endpoint that reads and writes data to the cache.
- Demonstrates proper Redis connection lifecycle management by using dependency injection.
Clone the Microsoft.Azure.StackExchangeRedis repo on GitHub.
- .NET 8.0 SDK.
- An Azure Managed Redis instance provisioned in your Azure subscription.
- Your Azure user or service principal must be added as a Redis user on the cache. In the Azure portal, go to Authentication on the Resource menu, select User or service principal, and add your identity.
- Azure CLI for local development authentication.
| Package | Purpose |
|---|---|
Microsoft.Azure.StackExchangeRedis |
Extension methods for StackExchange.Redis that enable Microsoft Entra ID token-based authentication to Azure Managed Redis |
StackExchange.Redis |
The underlying Redis client library for .NET |
Azure.Identity |
Provides DefaultAzureCredential and other credential types for authenticating with Azure services |
Swashbuckle.AspNetCore |
Swagger/OpenAPI support for API documentation and testing |
Install the primary package:
dotnet add package Microsoft.Azure.StackExchangeRedisThis package brings in StackExchange.Redis and Azure.Identity as dependencies.
The application reads the Redis endpoint from configuration. Update appsettings.Development.json:
{
"Redis": {
"Endpoint": "<your-redis-name>.<region>.redis.azure.net:10000"
}
}Note
Azure Managed Redis uses port 10000 by default. The endpoint format follows <cache-name>.<region>.redis.azure.net:10000.
Before running the application locally, authenticate with Azure:
az loginThe DefaultAzureCredential automatically picks up your Azure CLI credentials and uses them to get an access token for the Redis resource. This approach eliminates the need to manage or rotate secrets locally.
In Azure-hosted environments such as App Service, Container Apps, and AKS, DefaultAzureCredential uses:
- Managed Identity - system-assigned or user-assigned
- Workload Identity - for Kubernetes scenarios
- Environment variables - for service principal authentication
You don't need to change your code. The same DefaultAzureCredential seamlessly adapts to the environment.
The Redis class manages the connection lifecycle:
var options = new ConfigurationOptions()
{
EndPoints = { endpoint },
LoggerFactory = _loggerFactory,
};
await options.ConfigureForAzureWithTokenCredentialAsync(new DefaultAzureCredential());
_connection = await ConnectionMultiplexer.ConnectAsync(options);Key points:
ConfigureForAzureWithTokenCredentialAsyncis an extension method fromMicrosoft.Azure.StackExchangeRedisthat sets up token-based authenticationDefaultAzureCredentialautomatically handles token acquisition and refresh- The app establishes the connection once at startup and shares it across requests
The app registers the Redis service as a singleton and initializes it during startup:
builder.Services.AddSingleton<Redis>();
// Initialize Redis connection
using (var scope = app.Services.CreateScope())
{
var redis = scope.ServiceProvider.GetRequiredService<Redis>();
var endpoint = app.Configuration.GetValue<string>("Redis:Endpoint");
await redis.ConnectAsync(endpoint);
}The controller injects the Redis service and demonstrates basic cache operations:
- GET
/Sample: Reads the previous visit timestamp from the cache and updates it with the current time
-
Ensure you're authenticated:
az login
-
Update the Redis endpoint in
appsettings.Development.json. -
Run the application:
dotnet run
-
Navigate to
https://localhost:<port>/swaggerto access the Swagger UI.
When invoking the GET /Sample endpoint:
First request:
Previous visit was at:
(Empty value since no previous visit exists)**Subsequent requests:**
Previous visit was at: 2026-01-30T14:23:45
(Returns the ISO 8601 formatted timestamp of the previous request)The console logs display:
info: Microsoft.Azure.StackExchangeRedis.Sample.AspNet.Controllers.SampleController
Handled GET request. Previous visit time: 2026-01-30T14:23:45-
Token refresh: The
Microsoft.Azure.StackExchangeRedislibrary automatically refreshes tokens before they expire, so you don't need to handle refresh manually. -
Connection resilience: The
ConnectionMultiplexerfrom StackExchange.Redis manages reconnection logic on its own. -
Resource cleanup: The
Redisservice implementsIDisposableto properly close the connection when the application shuts down. -
Logging integration: The Redis client works with .NET's
ILoggerFactoryfor unified logging output.
| Issue | Resolution |
|---|---|
No connection is available |
Verify the endpoint format and port (10000). Make sure the Redis instance is provisioned and accessible. |
AuthenticationFailedException |
Run az login to refresh credentials. Verify your identity is added as a Redis user under Authentication on the Resource menu. |
Unauthorized |
Ensure your Microsoft Entra ID identity is added as a Redis user on the Azure Managed Redis instance. For more information, see Use Microsoft Entra ID for cache authentication. |