How to verify an email address in a .NET Core 2.0 RESTful API

The Okta authentication is great, but I would like to set up further security so that logged-in users cannot get/update/delete data that they are not supposed to. I can easily add the [Authorize] annotation to my controllers and that works great, but I need to be able to retrieve the email of the authenticated user in my .NET Core 2.1 API. I want to then verify that the authenticated email is the same as what’s in the GET/POST/DELETE request.

Hi @jkemmerer,

If you are using the Okta ASP.NET Core middleware, it automatically populates HttpContext.User with a limited set of user information.
In this case, you can do something like this to get the authenticated email:

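// Requires: using System.Linq; using System.Security.Claims;
// HttpContext.User is populated by the authentication middleware.
var principal = HttpContext.User.Identity as ClaimsIdentity;

// Null-conditional access yields null instead of throwing when the
// identity is not a ClaimsIdentity or the claim is absent.
var login = principal?.Claims
                .SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier)
                ?.Value;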

You can find more info in our samples repo & quickstart:

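The check the question asks for, comparing the authenticated login with the email named in the GET/POST/DELETE request, could look like the controller below. This is an added example, not code from the thread or from Okta's samples; `ProfilesController`, `ProfileUpdate`, the route and the `CallerOwns` helper are hypothetical, and it assumes, as the answer above does, that the `NameIdentifier` claim carries the authenticated login.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

// Hypothetical request body; the thread does not show the real model.
public class ProfileUpdate
{
    public string Email { get; set; }
    public string DisplayName { get; set; }
}

[Authorize]                 // unauthenticated callers are rejected before any action runs
[Route("api/profiles")]     // hypothetical route
public class ProfilesController : ControllerBase
{
    // True only when the email in the request matches the authenticated login.
    // Assumption: NameIdentifier carries that login, as in the answer above.
    private bool CallerOwns(string requestedEmail)
    {
        var login = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        return !string.IsNullOrEmpty(login)
            && string.Equals(login, requestedEmail?.Trim(),
                             StringComparison.OrdinalIgnoreCase);
    }

    [HttpGet("{email}")]
    public IActionResult Get(string email)
    {
        if (!CallerOwns(email)) return Forbid();  // authenticated, but not this user's data
        return Ok(new { email });                 // placeholder for the real lookup
    }

    [HttpPost]
    public IActionResult Update([FromBody] ProfileUpdate body)
    {
        if (body == null) return BadRequest();
        if (!CallerOwns(body.Email)) return Forbid();
        return NoContent();                       // placeholder for the real update
    }

    [HttpDelete("{email}")]
    public IActionResult Delete(string email)
    {
        if (!CallerOwns(email)) return Forbid();
        return NoContent();                       // placeholder for the real delete
    }
}
```

The comparison always uses the claim from the validated token as the trusted side; the email in the route or body is only ever the value being checked.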

Hi @laura.rodriguez,

That worked perfectly (and very quick to set up)! Thanks so much.

Josh
