Configure .NET Authentication in OWIN

oktadev-blog · December 5, 2018, 7:20pm

This tutorial walks you through how to configure authentication in an ASP.NET web app using OWIN and Okta.

oktadev-blog · February 13, 2019, 11:06pm

Chris H

I’m having trouble with the login redirect. The links “http://localhost:8080/authorization-code/callback” seem to be supposed to route to functions in the AccountController file but I haven’t been able to get any of those functions to hit a breakpoint.

Please advise.

oktadev-blog · February 14, 2019, 6:31pm

leebrandt

That URL callback is handled by the Okta.AspNet middleware, then redirected to the page/url the user was originally going to. Let me know if that makes sense.

oktadev-blog · April 2, 2019, 9:07pm

hoi polloi

I am having an issue similar to what Chris is reporting. When I set the RedirectUri to “http://localhost:8080/authorization-code/callback” Okta redirects to that URI. If I set the RedirectUri to a controller endpoint defined by my app, I get a “Site cannot be reached” error.

oktadev-blog · April 19, 2019, 9:29pm

Matt Raible

The redirect URI is handled by the Okta.AspNet middleware, like Lee said. If you redirect to a controller defined by your app, you’ll need to implement the authorization code flow exchange yourself. If you’re trying to do something not covered by this tutorial, please ask your question on our developer forums. More people will see it there. You can also post to Stack Overflow and use the “okta” tag if you’d prefer.

oktadev-blog · May 10, 2019, 10:50am

HariShankar Maurya

I am getting this error while login button click
The request was aborted: Could not create SSL/TLS secure channel.

oktadev-blog · August 27, 2019, 9:15am

Amoz Tan

How to catch the error below?
“OpenIdConnectMessage.Error was not null, indicating an error. Error: ‘access_denied’. Error_Description (may be empty): ‘User is not assigned to the client application.’. Error_Uri (may be empty): ‘’.”

oktadev-blog · November 21, 2019, 1:55am

Aaron

Why are both Authorization Code and Implicit (Hybrid) checkboxes ticked for Allowed grant types on the General Settings for the app? Do we need to tick both?

oktadev-blog · November 22, 2019, 6:01pm

leebrandt

For .NET Framework yes. Just because of the way .NET FX middleware handles the OIDC redirect stuff, implicit is needed. For .NET Core, just use Authorization Code flow.

oktadev-blog · June 2, 2021, 8:53pm

Mokshagna Anjani Kumar

Hi did u got solution, how to handle this?

oktadev-blog · June 7, 2021, 7:42pm

Matt Raible

In your Okta OIDC app, make sure the Everyone group is assigned to your app, or just your specific user.

kennedyas3 · December 12, 2023, 8:58pm

I had an issue that might help if you get stuck with package version conflicts with OWIN OIDC. Make sure the <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
to remove the xmlns namespace just empty configuration tag.

``