Access claims in .NET C#?

api

#1

Ok, got not responses on this post. So let me ask differently.

We are using the Okta Sign-in Widget on a .NET aspx page.

The code for this page is here (sanitized). Our goal is to retrieve the authorized user name from the claims array within the Page_Load() event of the form. Is this even possible?

Thanks for any help in advance.


#2

A couple of questions for you:

  • Is this ASP .NET Web Forms? (I assume so)
  • Which version of .NET Framework are you targeting?
  • Is building a custom sign-in page a hard requirement, or would you be able to redirect to an Okta-hosted sign-in page?

Simply placing the Sign-in Widget on the page is tempting, but it won’t quite work because ASP .NET is picky about how you sign users in. Unless you hook into the ASP .NET authentication mechanism, it won’t be aware of the user.

We are working on a sample to demonstrate how to do this right now. We can definitely help get this working. :slight_smile: Let me know the answers to my questions above.


#3

@nate.barbettini, thanks for the reply! Let me answer your questions and then give you some background.

  • Is this ASP .NET Web Forms? (I assume so)

Yes,

  • Which version of .NET Framework are you targeting?

4.5.2 or higher

  • Is building a custom sign-in page a hard requirement, or would you be able to redirect to an Okta-hosted sign-in page?

custom page is not a hard requirement. Here’s where I think some background will help.

We use a product (Qlikview QV) which we want to authenticate through Okta. However, QV does not have the ability to work with Okta, so they provide an example on how to custom authenticate with another provider using a stand-alone aspx page. The sample just illustrates how to authenticate with the 3rd-party provider, not specifically Okta. QV provides a .NET API that is used to populate what QV needs to authenticate.

So our needs is two-fold

  1. Extract the login name (username) from Okta after authentication, and populate the QV packet using its .NET API.

  2. Make sure whatever token is needed is passed along so that if the user leaves QV to anther site, SSO is enabled.

Here’s a link to the sample Authenticate.aspx page provided by QV. Again, this is just a sample. The idea would be to replace the content of the authUserAndGetGroups() method to retrieve only the user in our case from Okta after authentication. This could very well be the hosted Okta page.

Hope this helps in determining what we need to do.

I should state, if we could do this all within the Authenticate.aspx page, that would be great. I guess, however, that it would be possible to do this all within a .NET app similar to the startup projects on the Okta site.

Thanks for your help.
— x


#4

Hi @nate.barbettini, I was just wondering if you had any further comments on this.
regards,
– x