Authorization has been denied for this request. [React+.NET API]

Hello, I recently got okta working with react. Login/logout works just fine. I’m able to get an access & id token and all of the authService methods work for me.

I am also running a .NET API. I recently added the [Authorize] attribute to certain endpoints for testing after following https://developer.okta.com/docs/guides/protect-your-api/aspnet/before-you-begin/

The problem is when I try to pass my accessToken to an end-point like below:

const params = {
  headers: {
    Authorization: 'Bearer ' + accessToken
  }
};
fetch(url, params)
  .then((result) => {
    // do stuff
  };

I receive an odata error from my API server with an error message that reads:

{
  "odata.error":{
    "code":"","message":{
      "lang":"en-US","value":"Authorization has been denied for this request."
    }
  }
}

Where am I going wrong here? Any help appreciated!!

I wanted to follow up here.
It turned out my Startup.cs class was not being called which contained:

app.UseOktaWebApi(new OktaWebApiOptions()
{
    OktaDomain = WebConfigurationManager.AppSettings["OktaOrgDomain"],
});

I was able to fix this by installing the Microsoft.Owin.Host.SystemWeb package in my .NET project.
Solution found here: https://stackoverflow.com/questions/20203982/owinstartup-not-firing

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.