404 on login redirect URI

Newbie Okta dev here. Our organization has been using Okta for awhile now but our developer who worked on our integration has left, and I am now trying to figure things out mostly from scratch.

We have a .NET 4.7.2 application utilizing Okta. We are currently using the Okta-hosted login page and it’s been working great so far. Our app redirects users to that page to log in, and then they are returned to our app.

We are revamping our UI and are building a React front-end on top of the existing .NET backend. We now want to convert to a self-hosted login page. I am using the @okta/okta-signin-widget package. When instantiating the widget, I am using the exact same base URL, Client ID, and Redirect URI that the old setup is using. It appears that the authentication itself happens correctly, however I get a 404 on the /authorization-code/callback redirect. The URL reads:


https://{{appURL}}/authorization-code/callback IS whitelisted as a login redirect URL for this application. My understanding is that the Okta middleware on the .NET is supposed to automatically configure the /authorization-code/callback endpoint for us. And appears to be working just find with our current setup, but something with how I have the self-hosted widget setup is just not finding that endpoint and giving me a 404. I don’t really know where to continue troubleshooting.

I am really unfamiliar with this flow so I apologize if I’ve left any crucial information out. Thanks in advance for any tips!

If you are switching to a self-hosted widget for your .NET app you might want to check out this sample app samples-aspnet/self-hosted-login at master · okta/samples-aspnet · GitHub.

If you are switching to a React front-end with self-hosted widget then you might want to check out this sample app for a .NET resource server samples-aspnet/resource-server at master · okta/samples-aspnet · GitHub The doc mentions using one of the front-end sample apps which will retrieve tokens for you and then interact with the resource server.