<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
0D54z00007pKMwFCAWOkta Classic EngineAuthenticationAnswered2024-04-16T13:00:48.000Z2022-07-18T15:30:42.000Z2022-07-27T16:21:13.000Z
  • flaviu.vrinceanu1.5628408972654734E12 (Customer Success Service Delivery)

    Hi @vr4n1 (vr4n1)​,

     

    Thank you for posting on the Okta community page!

     

    I have done some research and managed to find the bellow articles that might help you, achieve this integration:

     

    Additionally, my advice would be to also leverage the Okta Developer forums for this type of questions and take advantage of their expertise.

     

    I hope the above information is useful!

    Expand Post
  • vr4n1 (vr4n1)

    Thank you very much!

    I managed to get the client authentication work by following this link How To Add Okta Authentication to Blazor WASM - YouTube but the [authorize] does not work.

    for .NET 6, you need to add Microsoft.IdentityModel.Tokens nuget package to server project get it working.

    I checked that the token is stored in sessionstorage:

    oidc.user:{{your_okta_domain}}/oauth2/default:0oajhf0akzw1YfG1w0h7 contains

    access_token: “”

    expires_at: 1658723964

    id_token: “”

    profile: {sub: “00u17vftfpmmUi3lr0h8”, name: “”, ver: 1,…}

    scope: “openid profile”

    token_type: “Bearer”

    I also verified that the bearer token is attached to Blazor client Http request due to these line in Program.cs (Client project):

    builder.Services.AddHttpClient(“ServerAPI”, client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))

    .AddHttpMessageHandler();

    // Supply HttpClient instances that include access tokens when making requests to the server project

    builder.Services.AddScoped(sp => sp.GetRequiredService().CreateClient(“ServerAPI”));

    but at server project, if you put [Authorize] on the controller, you will get 401 unauthorized, I checked the the User context is not constructed in server project. but the bearer token is passed … I followed this link Secure Your .NET 6 Web API | Okta Developer, I was able to validate the token.

    I still need to find a solution on following:

    1. how to make server project [Authorize] working
    2. how to make my role, which is group membership appear in the token as claim

     

    Expand Post
  • vr4n1 (vr4n1)

    I was able to create a custom claim groups in the default authorization server so now the groups claim is included in the access_token and id_token, but the claim is not populated in the user's claim.

This question is closed.
Loading
How to use Okta to secure Blazor WASM ASP.NET core hosted app?