Often, when writing C# code for sitecore related projects, I have found myself and team re-writing authorization and basic client implementations. Since this has gotten to be a large copy paste effort with modifications in some cases, I decided to create two libraries to help me combat this issue, and share with anyone who may be facing something similar.

Sitecore API Authorization Library

This is a high‑performance, thread‑safe .NET library that manages Sitecore Cloud OAuth2 tokens with automatic caching, refresh, cleanup, and optional DI support. Debug‑friendly logging and integration tests make it a safe backbone for auth flows.

You can check out the repository on github.

How to install the Sitecore API Authorization Library

To install, just add via nuget.

dotnet add package SitecoreAPIAuthorization

How to use the Sitecore API Authorization Library

To use the library, first register the service.

services.AddLogging(b => b.SetMinimumLevel(LogLevel.Debug).AddConsole());
services.AddSitecoreAuthentication();

Once registered, you can consume it withing a class via dependency injection.

public class MyService
{
  private readonly ISitecoreTokenService _tokenService;

  public MyService(ISitecoreTokenService tokenService)
  {
    _tokenService = tokenService;
  }

  public async Task<SitecoreAuthToken> GetTokenAsync()
  {
    var credentials = new SitecoreAuthClientCredentials("client-id", "client-secret");
    return await _tokenService.GetSitecoreAuthToken(credentials);
  }
}

Sitecore GraphQL Client Library

This is a class library that spins up a thread‑safe, DI‑friendly factory for GraphQL clients against Sitecore. It elegantly injects bearer tokens, caches per endpoint and client ID, auto‑refreshes tokens on 401, and uses robust unit tests to keep everything stable and predictable.

This library is also available on github.

How to install the Sitecore GraphQL Client Library

You can also add this package via nuget.

dotnet add package SitecoreAPIGraphQLClient

There is also the option of adding via package reference.

<ItemGroup>
  <PackageReference Include="SitecoreAPIGraphQLClient" Version="x.y.z" />
</ItemGroup>

How to use the Sitecore GraphQL Client Library

First you would add a configuration in appsettings.json.

{
  "Sitecore": {
    "GraphQL": {
      "Endpoint": "https://your.sitecore/graphql",
      "ClientId": "your-client-id",
      "ClientSecret": "your-client-secret",
      "EnableUnauthorizedRefresh": true,
      "MaxUnauthorizedRetries": 1,
      "Clients": {
        "content": {
          "Endpoint": "https://content/graphql",
          "ClientId": "content-id",
          "ClientSecret": "content-secret"
        }
      }
    }
  }
}

After configuration, wire up your dependency injection.

builder.Services.AddSitecoreGraphQL(builder.Configuration);

Then, add some code to create a client.

var client = await _factory.CreateClientAsync(ct);
var request = new GraphQLRequest { Query = "query Example { ping }" };
var response = await client.SendQueryAsync<JsonDocument>(request, ct);
var data = response.Data;

You can also used named clients.

var contentClient = await factory.CreateClientByNameAsync("content", ct);

If you want to manually refresh a token, you can also do so.

var success = await factory.RefreshTokenAsync(ct);

Conclusion

With these libraries in our toolbox, we can skip the ritual of hunting down old snippets, adjusting them for the hundredth time, and hoping we didn’t miss a tiny but crucial change. Instead, we get tested, reusable code that handles the boring parts so you can focus on building the cool parts of Sitecore projects. Give them a spin, break them in, and if you find a way to make them sharper, faster, or just plain better, I’m all ears.