vjain
April 26, 2020, 6:00pm
1
Why we need to select “Authorization Code” and “Implicit” grant type for a Web App authentication which should not require “Implicit” grant type as it is less secure ? Implicit should only be required for SPA’s where back channel communication is not possible?
Thanks,
Vikas
You can uncheck those boxes if you are up to authz_code flow or PKCE
vjain
April 27, 2020, 7:00am
3
Un-checking boxes do not work.Please refer to following post:
opened 09:37PM - 19 Mar 18 UTC
closed 02:56PM - 21 Mar 18 UTC
I just cloned this, compiled and ran it, against a new preview application.
The website loads without problems, but when I click...
Thanks,
Vikas
As you can see from the explanation, it’s just an issue/limitation of MS OWIN model (https://github.com/oktadeveloper/okta-aspnet-mvc-example/issues/18#issuecomment-374825066 ) If you’ve decided to go with Java stack for example, it wouldn’t have been an issue.
vjain
April 27, 2020, 1:05pm
5
Ahh! Got it. Are you aware of any other option for ASP.NET app that does not has this limitation?
Appreciate the insights.
Thanks,
Vikas
No insights here I think I used .net core with authz_code and it worked fine, but it was a while ago
system
Closed
January 23, 2024, 11:22pm
7
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.