Has anyone used Okta as an Active client from a .Net Application for WS-Fed? More specifically, just using Okta for WS-Fed authentication?
I've set up an application in Okta to represent the WCF service that I wish to secure. Copy and pasted the configuration that was given for .net 4.5 into my web.config for my service. Created a client to access the service (All of the certs from Okta and all of the metadata seem to pass to the client correctly) and I'm able to generate a proxy from my WCF service WSDL.
When I try to execute a service method, I get this exception: "No version of the CardSpace service was found to be installed on the machine". Now, I'm not fond of the idea of installing CardSpace (which is deprecated) on all of my clients. Has anyone gotten past this? I feel like I'm 95% there.
To elaborate a little more, I have an environment where my users may or may not be on my local domain. If they are, I can easily detect that and would like to use their current Windows account to authenticate to the service. If they are not on the domain, I'd like to prompt the user for their domain username and password. Both of these would use Okta to talk back to my domain (The WCF Service will not be on the domain while it sits on my DMZ). I'm thinking two bindings for the different authentication scenarios? Also, where applicable, I'll infect the captured username and password into my WCF client. All while, of course, not using CardSpace.
So, if anyone has used Okta to authenticate to a WCF service from a Windows client (Active client, NOT browser based) using WS-Federation and has solved the CardSpace issue, please let me know.
If anyone has a similar scenario that they have in respect to my environment and proposal of using multiple bindings to pass in different credentials, please let me know. The previous is my most pressing matter, however.
Thomas, I followed the link for the documentation (the project site) from the Nuget package and this is looking like it's for the OKTA API and not for using the WS-Federation implementation nor how to use Okta for Active client authentication. Can you give a little insite into how this SDK can be used to acomplish these tasks as stated in the original question?
This is more of a developer centric question. Not saying the API is the solution but I think the Okta platform guys are going to have a better perspective on this. I'd suggest floating this question out on Stackoverflow.