Configure .NET Authentication in OWIN

Configure .NET Authentication in OWIN

This tutorial walks you through how to configure authentication in an ASP.NET web app using OWIN and Okta.

Chris H

I’m having trouble with the login redirect. The links “http://localhost:8080/authorization-code/callback” seem to be supposed to route to functions in the AccountController file but I haven’t been able to get any of those functions to hit a breakpoint.

Please advise.


That URL callback is handled by the Okta.AspNet middleware, then redirected to the page/url the user was originally going to. Let me know if that makes sense.

hoi polloi

I am having an issue similar to what Chris is reporting. When I set the RedirectUri to “http://localhost:8080/authorization-code/callback” Okta redirects to that URI. If I set the RedirectUri to a controller endpoint defined by my app, I get a “Site cannot be reached” error.

Matt Raible

The redirect URI is handled by the Okta.AspNet middleware, like Lee said. If you redirect to a controller defined by your app, you’ll need to implement the authorization code flow exchange yourself. If you’re trying to do something not covered by this tutorial, please ask your question on our developer forums. More people will see it there. You can also post to Stack Overflow and use the “okta” tag if you’d prefer.

HariShankar Maurya

I am getting this error while login button click
The request was aborted: Could not create SSL/TLS secure channel.

Amoz Tan

How to catch the error below?
“OpenIdConnectMessage.Error was not null, indicating an error. Error: ‘access_denied’. Error_Description (may be empty): ‘User is not assigned to the client application.’. Error_Uri (may be empty): ‘’.”


Why are both Authorization Code and Implicit (Hybrid) checkboxes ticked for Allowed grant types on the General Settings for the app? Do we need to tick both?


For .NET Framework yes. Just because of the way .NET FX middleware handles the OIDC redirect stuff, implicit is needed. For .NET Core, just use Authorization Code flow.

Mokshagna Anjani Kumar

Hi did u got solution, how to handle this?

Matt Raible

In your Okta OIDC app, make sure the Everyone group is assigned to your app, or just your specific user.