Get openid-configuration using some default Okta endpoint instead of domain specific one

I have one issue while using OpenId with Okta as an external identity provider.

When you register OpenId for any authentication scheme, an option such as Authority has to be specified.
For Okta it can look like this: “https://dev-XXXXXXXX.okta.com”, where dev-XXXXXXXX is the specific Okta domain you have. This Authority property is initialized during service startup, and the request for the openid-configuration is sent using Authority as the base URL. (The full address looks like this: “https://dev-XXXXXXXX.okta.com/.well-known/openid-configuration”)

The problem I have is that the specific domain value in my application is stored in the database and is not the same for different users, which means I don’t know it when the service is started and can only obtain it at runtime. But I can easily get a suitable domain for a particular user while handling the ‘OnRedirectToIdentityProvider’ event, which allows me to do whatever I need before sending the actual authorization request to Okta.

So the question: is there any way to get the Okta openid-configuration without a specific domain during startup? For example, in Azure you can have the following Authority value: “https://login.microsoftonline.com/common/v2.0”, where ‘common’ is a default tenant value that allows getting the openid-configuration without specifying the actual tenant. And this default value can be replaced with the required one in the ‘OnRedirectToIdentityProvider’ event handler.

Hello! Unfortunately, we do not support what you’re referring to, as the well-known endpoint is org specific.

However, you can customize your Okta organization by replacing the Okta domain name with your own. More information can be found here: Configure Custom URL.

Please also refer to the details on Dynamic Issuer Mode: Authorization Servers | Okta Developer
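Since the well-known endpoint is org specific, the discovery document has to be resolved per org at runtime. The sketch below is an added example, not code from the thread or from Okta: `PerOrgDiscovery`, `OktaRedirect` and the `lookupDomain` callback are hypothetical names, and it assumes each org uses the issuer `https://<domain>`.

```csharp
using System;
using System.Collections.Concurrent;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

// Hypothetical helper (not an Okta or ASP.NET Core type): one cached
// discovery document per Okta org domain, fetched on first use.
public sealed class PerOrgDiscovery
{
    private readonly ConcurrentDictionary<string, ConfigurationManager<OpenIdConnectConfiguration>>
        _managers = new();

    public async Task<OpenIdConnectConfiguration> GetAsync(string oktaDomain, CancellationToken ct)
    {
        // The value comes from the database: accept a bare DNS host name only,
        // so it cannot smuggle a scheme, port, path or userinfo into the URL.
        if (Uri.CheckHostName(oktaDomain) != UriHostNameType.Dns)
            throw new ArgumentException("Expected a DNS host name.", nameof(oktaDomain));

        var issuer = $"https://{oktaDomain.ToLowerInvariant()}";
        var manager = _managers.GetOrAdd(issuer, _ =>
            new ConfigurationManager<OpenIdConnectConfiguration>(
                $"{issuer}/.well-known/openid-configuration",
                new OpenIdConnectConfigurationRetriever(),
                new HttpDocumentRetriever { RequireHttps = true }));
        var config = await manager.GetConfigurationAsync(ct);

        // OpenID Connect Discovery requires the returned issuer to equal the
        // URL the document was retrieved from (minus the well-known suffix).
        if (!string.Equals(config.Issuer, issuer, StringComparison.Ordinal))
            throw new InvalidOperationException($"Issuer mismatch for {oktaDomain}.");
        return config;
    }
}

public static class OktaRedirect
{
    // lookupDomain is an assumed application callback returning the current
    // user's Okta domain from the database, e.g. "dev-XXXXXXXX.okta.com".
    public static void Wire(OpenIdConnectOptions options, PerOrgDiscovery discovery,
        Func<RedirectContext, Task<string>> lookupDomain)
    {
        options.Events.OnRedirectToIdentityProvider = async ctx =>
        {
            var domain = await lookupDomain(ctx);
            var config = await discovery.GetAsync(domain, ctx.HttpContext.RequestAborted);
            ctx.ProtocolMessage.IssuerAddress = config.AuthorizationEndpoint;
        };
    }
}
```

This covers only the outgoing redirect. The handler still validates the returned tokens against the issuer and signing keys from its own configuration, so the callback path needs the same per-org document.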
