The Okta authentication is great, but I would like to set up further security so that logged-in users cannot get/update/delete data that they are not supposed to. I can easily add the `[Authorize]` annotation to my controllers and that works great, but I need to be able to retrieve the email of the authenticated user in my .NET Core 2.1 API. I want to then verify that the authenticated email is the same as what’s in the GET/POST/DELETE request.
Hi @jkemmerer,
If you are using the Okta ASP.NET Core middleware, it automatically populates `HttpContext.User` with a limited set of user information.
In this case, you can do something like this to get the authenticated email:
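```csharp
using System.Linq;
using System.Security.Claims;

// Read the claims the middleware populated for the authenticated caller
var principal = HttpContext.User.Identity as ClaimsIdentity;
var login = principal.Claims
    .SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier)
    ?.Value;
```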
You can find more info in our samples repo & quickstart:
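The ownership check the question asks for, built on the claim lookup from the reply. This is an added example, not part of the original thread or Okta's samples. `OwnershipCheck`, `ProfilesController` and the route are hypothetical names, and it assumes, as the reply does, that the `ClaimTypes.NameIdentifier` claim carries the user's email.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

// Hypothetical helper: does the authenticated caller match the email named in the request?
public static class OwnershipCheck
{
    public static bool IsSameUser(ClaimsPrincipal user, string requestedEmail)
    {
        // Fail closed: no authenticated identity means no access.
        if (user?.Identity == null || !user.Identity.IsAuthenticated)
            return false;

        // Assumption (from the reply): this claim holds the user's email/login.
        var login = user.FindFirst(ClaimTypes.NameIdentifier)?.Value;

        // Fail closed when either side is missing, so an empty value never matches.
        if (string.IsNullOrWhiteSpace(login) || string.IsNullOrWhiteSpace(requestedEmail))
            return false;

        return string.Equals(login, requestedEmail, StringComparison.OrdinalIgnoreCase);
    }
}

[Authorize]                 // authentication: a valid token is required
[ApiController]
[Route("api/profiles")]     // hypothetical route
public class ProfilesController : ControllerBase
{
    [HttpGet("{email}")]
    public IActionResult Get(string email)
    {
        // Authorization: the token's identity must match the requested resource.
        if (!OwnershipCheck.IsSameUser(User, email))
            return Forbid();            // authenticated, but not the owner

        return Ok(new { email });       // placeholder for the real lookup
    }

    [HttpDelete("{email}")]
    public IActionResult Delete(string email)
    {
        if (!OwnershipCheck.IsSameUser(User, email))
            return Forbid();

        return NoContent();             // placeholder for the real delete
    }
}
```

The identity always comes from the validated token (`User`), never from a header or body field the client controls; the request value is only the thing being compared against.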