Authorizing API Calls Through OKTA Login


We have an Okta application setup (SPA) as well as an authorization server setup for our front end Vue application. We are trying to make it so that when users are logged into the Vue application (via Okta) we can then make external API calls to a .Net Core API and validate that the user is allowed to hit the specific API endpoint based on if they’re logged in via Okta.

How would we go about doing this?

If you already have the SPA application working and are able to authenticate with Okta, then in order to use the access token to make a call against a protected API follow these instructions. \

If you don’t have anything setup yet I would recommend to follow the same instructions from the beginning.

We have two sample Vue applications, both of which make use of calling a protected API I recommend setting up first.

For ASP NET Core to protect a webapi resource see our docs


I am trying to use the same getAccessToken() method as described in

But that method doesn’t grab my token all the time. Please see my other thread (the only other one on my profile)