Error: The signature key was not found

I’ve contacted developer support and I was advised “not to validate the token” from our .net code.
And need to call the /v1/userinfo end point to get user info.

I did below steps and got it working in .net core 2.0. Unfortunately our existing application is using core 1.0 and no SET method for SecurityTokenValidator.

New Validator Class

  1. public class CustomSecurityValidator : ISecurityTokenValidator
  • override the ValidateToken method to not validate the token

Startup.cs
2. options.SecurityTokenValidator = new CustomSecurityValidator();
3. OnTokenValidated event, call /v1/userinfo end point manually and add the user info to ctx.Principal

Hope the above useful to someone.

It will be good if OKTA .net core middleware can handle this scenario.