Hello,
We have an Okta application setup (SPA) as well as an authorization server setup for our front end Vue application. We are trying to make it so that when users are logged into the Vue application (via Okta) we can then make external API calls to a .Net Core API and validate that the user is allowed to hit the specific API endpoint based on if they’re logged in via Okta.
How would we go about doing this?
Hello,
If you already have the SPA application working and are able to authenticate with Okta, then in order to use the access token to make a call against a protected API follow these instructions. \
If you don’t have anything setup yet I would recommend to follow the same instructions from the beginning.
We have two sample Vue applications, both of which make use of calling a protected API I recommend setting up first.
App1
App2
For ASP NET Core to protect a webapi resource see our docs