Authentication on a .NET thick application

Hi All, I am just getting started with OKTA, so please forgive me if I am asking a basic question.
We have a thick application written in C# .NET (not a Web/ASP.NET application but just a fat client, C#.NET forms based), and would like to use OKTA for external authentication of this application users.

Here are my questions:

  1. What is the best OKTA method to use for authentication, in the above scenario?
  2. Can you point me to some materials, docs and samples that we could use for development?
  3. Any suggestions on how to define the Application in the OKTA Developer Dashboard?

Thank you.

Pedro

My two cents:

  1. On the Okta side, I recommend creating an OIDC application to serve as the IDP for your authentication requests. You can also choose SAML for the app type, but OIDC is a newer and more flexible protocol.
    Here is a 3-part introduction to Okta OIDC apps:
    https://developer.okta.com/blog/2017/07/25/oidc-primer-part-1

  2. Your own .NET app is a client of the IDP. It needs to embed a web browser in order to display the interactive login widget of Okta. The .NET app needs to create a URL for the authentication request and give that URL to the embedded web browser to kick off the auth process.

You may consider Implicit Flow (in part 2 of the series) and make the URL accordingly. At the end of the auth flow, an Access Token and an Id Token (in JWT format) are issued to the browser. Your .NET app needs to get the content of the web response and parse the tokens out. One of the claims in the tokens will give you the identity of the user.

Hope that helps.
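The flow described in the answer above, as an added example that is not part of the original posts and is not Okta's own sample code: it builds the authorization request URL with a `state` and `nonce`, then checks both when parsing the tokens out of the redirect and reads the `sub` claim. Assumptions: .NET 6 or later, an authorization endpoint at `/v1/authorize` under the issuer URL, and placeholder values for the issuer, client ID and loopback redirect URI; the class and method names are hypothetical, and the response in `Main` is constructed and unsigned.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

static class ImplicitFlowSketch
{
    static string B64Url(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    // Fresh unguessable value: state ties the response to our request, nonce ties the token to it.
    public static string RandomToken() => B64Url(RandomNumberGenerator.GetBytes(32));

    public static string BuildAuthorizeUrl(string issuer, string clientId, string redirectUri,
                                           string state, string nonce) =>
        issuer.TrimEnd('/') + "/v1/authorize?response_type=" + Uri.EscapeDataString("id_token token")
        + "&scope=" + Uri.EscapeDataString("openid profile")
        + "&client_id=" + Uri.EscapeDataString(clientId)
        + "&redirect_uri=" + Uri.EscapeDataString(redirectUri)
        + "&state=" + state + "&nonce=" + nonce;

    // Call when the embedded browser navigates to redirectUri; tokens arrive in the URL fragment.
    public static string ReadSubject(Uri redirected, string expectedState, string expectedNonce)
    {
        var p = new Dictionary<string, string>();
        foreach (var pair in redirected.Fragment.TrimStart('#').Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
        {
            var kv = pair.Split(new[] { '=' }, 2);
            p[Uri.UnescapeDataString(kv[0])] = kv.Length > 1 ? Uri.UnescapeDataString(kv[1]) : "";
        }
        if (!p.TryGetValue("state", out var state) || state != expectedState)
            throw new InvalidOperationException("state mismatch: response is not for this request");
        var parts = p.TryGetValue("id_token", out var jwt) ? jwt.Split('.') : new string[0];
        if (parts.Length != 3) throw new InvalidOperationException("no well-formed id_token");
        // Decode only. Verify signature, iss, aud and exp with a JWT library against the
        // issuer's published keys before trusting any claim in a real application.
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        using var doc = JsonDocument.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(b64)));
        if (!doc.RootElement.TryGetProperty("nonce", out var n) || n.GetString() != expectedNonce)
            throw new InvalidOperationException("nonce mismatch: token was not issued for this request");
        return doc.RootElement.GetProperty("sub").GetString();
    }

    static void Main()
    {
        string state = RandomToken(), nonce = RandomToken();
        Console.WriteLine(BuildAuthorizeUrl("https://idp.example/oauth2/default", "CLIENT_ID_PLACEHOLDER",
                                            "http://127.0.0.1:7890/cb", state, nonce));
        // Constructed, unsigned sample standing in for the redirect the browser would receive.
        var payload = B64Url(Encoding.UTF8.GetBytes("{\"sub\":\"00u-sample\",\"nonce\":\"" + nonce + "\"}"));
        var back = new Uri("http://127.0.0.1:7890/cb#id_token=e30." + payload + ".sig&state=" + state);
        Console.WriteLine(ReadSubject(back, state, nonce));
    }
}
```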