Can I use Org Auth Server for protecting my backend APIs?

bogdan.mihail.vlad · April 9, 2021, 5:02pm

I have SPA in Angular with a dotnet core backend. When the app is accessed by a user he gets redirected to Okta for login. Once the user is authenticated the app can retrieve data from the backend. But… the backend endpoints are not protected. My company only provides access to the Org Authorization Server so I can’t customize it. I need a way to send the access token to the backend API to protect the endpoints there. That access token needs to include also group claims. How can I do that?

Thanks

mraible · April 9, 2021, 5:10pm

Create a new developer account at https://developer.okta.com and you’ll get API access management for free! If you want to use your company’s account (that doesn’t have API Access Management), I don’t think it’s possible.

bogdan.mihail.vlad · April 9, 2021, 5:22pm

So, just to be sure. In this case I can’t use the information below to authorize the backend?

mraible · April 9, 2021, 5:47pm

That is correct. Authorization Servers | Okta Developer

bogdan.mihail.vlad · April 9, 2021, 5:48pm

ok, thanks for confirming

system · January 27, 2024, 12:14am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Angular FE and Asp.Net Core Backend API OAuth/OIDC	2	2287	February 12, 2024
Securing APIs with policies API dotnet , api	4	4000	January 24, 2024
Angular app with .Net core backend Questions	1	3832	January 18, 2024
Authentication for Angular SPA and authorization for .NET Core 2.2 Web API Questions	1	4009	January 24, 2024
Confused about authentication approach SAML	2	4399	May 7, 2019

Can I use Org Auth Server for protecting my backend APIs?

Related topics