Can anyone help with suggestions? We have a WPF (client) application and an ASP.NET API. We would like to implement authentication using Okta SSO. We need to know which SSO approach would be best and how that approach would differ from the others. I read the documentation, but maybe someone has already implemented a configuration like this?
I’m not a .NET person, but I can tell you how the ideal desktop login would work. I couldn’t find a library that does this, but you might be able to with a little more targeted search.
We typically default to recommending OIDC/OAuth 2.0 for everything auth related.
An OAuth flow for a desktop application works the same way as for a mobile application. The flow is called “authorization code grant”; you can read the details here: Implement authorization by grant type | Okta Developer
The WPF-specific bits are how you handle the callback. Your application would need to register a URI handler; this tells the OS (and your browser) which application to use when a custom protocol is used.
For example, you could register a handler for the protocol your-app-name. When your browser sees the URI your-app-name://callback?code=SOMETHING, your app would open and then validate the code (a REST request back to Okta, or another OAuth authorization server).
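The callback handling described in the answer above, sketched in C# as an added example; it is not code from the original posts or from Okta. It goes beyond the answer by adding a `state` check and PKCE (RFC 7636), which native apps use because another application on the machine can register the same custom scheme. The class name, method names, and the `openid` scope are assumptions, and the authorize endpoint and client ID come from your own Okta application settings.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper: one instance per login attempt (not an Okta or .NET API).
public sealed class DesktopLogin
{
    public string State { get; } = RandomToken();        // echoed back in the callback
    public string CodeVerifier { get; } = RandomToken(); // PKCE secret, sent only in the token request

    static string B64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static string RandomToken()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        return B64Url(bytes);
    }

    // URL to open in the system browser to start the authorization code grant.
    public string BuildAuthorizeUrl(string authorizeEndpoint, string clientId, string redirectUri)
    {
        string challenge;
        using (var sha = SHA256.Create())
            challenge = B64Url(sha.ComputeHash(Encoding.ASCII.GetBytes(CodeVerifier)));
        return authorizeEndpoint
            + "?response_type=code&scope=openid&code_challenge_method=S256"
            + "&client_id=" + Uri.EscapeDataString(clientId)
            + "&redirect_uri=" + Uri.EscapeDataString(redirectUri)
            + "&state=" + State + "&code_challenge=" + challenge;
    }

    // Returns the authorization code, or throws if this is not the callback this login started.
    public string ReadCallback(string callbackUri, string expectedRedirectUri)
    {
        var uri = new Uri(callbackUri);
        var expected = new Uri(expectedRedirectUri);
        if (uri.Scheme != expected.Scheme || uri.Host != expected.Host)
            throw new InvalidOperationException("Unexpected callback target.");
        // Duplicate parameter names make ToDictionary throw, which also rejects the callback.
        var query = uri.Query.TrimStart('?').Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(p => p.Split(new[] { '=' }, 2))
            .ToDictionary(p => Uri.UnescapeDataString(p[0]), p => p.Length > 1 ? Uri.UnescapeDataString(p[1]) : "");
        if (query.ContainsKey("error"))
            throw new InvalidOperationException("Authorization server returned: " + query["error"]);
        if (!query.TryGetValue("state", out var state) || !string.Equals(state, State, StringComparison.Ordinal))
            throw new InvalidOperationException("State mismatch; discarding callback.");
        if (!query.TryGetValue("code", out var code) || code.Length == 0)
            throw new InvalidOperationException("No authorization code in callback.");
        return code; // exchange at the token endpoint together with CodeVerifier
    }
}
```

The returned code is then sent to the authorization server's token endpoint along with `CodeVerifier` as the `code_verifier` parameter, so a code intercepted by another handler of the same scheme cannot be redeemed without it.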