We have a hybrid authentication scenario requirement in our ASP.NET Core application.
- Normal authentication with username/password
- Log in automatically from the C# code with a service account username/password or token (no UI) of specific URL parameter.

Flow:
- Hit a specific URL
- Check if specific URL parameter is present and valid
  - Yes: log in automatically with service account
  - No: redirect to login page

Is it possible to achieve this?
If yes, are there any examples that we can use?
This can be achieved by leveraging the authentication API server side and then bringing the sessionToken to the client-side, using the /login/sessionCookieRedirect endpoint as described here.
In short, this would be the scenario steps:
- user accesses the web page
- the application checks for the query parameter
- query parameter is not present
  - user is shown the sign-in widget (or he is redirected to Okta to log in)
- query parameter is present
  - the application does the request to /api/v1/authn in the back-end using the service account and retrieves the sessionToken
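
The flow described in this thread, as an added example that is not part of the original question or answer: an ASP.NET Core minimal API that treats the URL parameter as an expiring, HMAC-signed value, calls /api/v1/authn server side, and hands the sessionToken to /login/sessionCookieRedirect. The org URL, the `sa` parameter name and format, the `/portal` route, the redirect target and the configuration keys are all assumptions.

```csharp
// Added example (not from the original thread). Assumptions: the Okta org URL, the
// "sa" parameter name, its "<unixExpiry>.<base64url HMAC>" format and the config keys
// are hypothetical; secrets come from configuration, never from source code.
using System.Net.Http.Json;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using Microsoft.AspNetCore.WebUtilities;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddHttpClient();
var app = builder.Build();

var oktaOrg = "https://example.okta.com";                       // placeholder org URL
var hmacKey = Encoding.UTF8.GetBytes(app.Configuration["AutoLogin:HmacKey"]!);

// Valid only if unexpired and the MAC over the expiry matches (constant-time compare).
bool IsValid(string? p)
{
    var parts = p?.Split('.');
    if (parts is not { Length: 2 } || !long.TryParse(parts[0], out var exp)) return false;
    if (DateTimeOffset.UtcNow.ToUnixTimeSeconds() > exp) return false;
    try
    {
        var expected = HMACSHA256.HashData(hmacKey, Encoding.UTF8.GetBytes(parts[0]));
        return CryptographicOperations.FixedTimeEquals(expected, WebEncoders.Base64UrlDecode(parts[1]));
    }
    catch (FormatException) { return false; }                   // malformed base64url
}

app.MapGet("/portal", async (HttpContext ctx, IHttpClientFactory http, IConfiguration cfg) =>
{
    if (!IsValid(ctx.Request.Query["sa"]))
        return Results.Redirect("/login");                      // normal username/password flow

    // Server-side primary authentication with the service account.
    var resp = await http.CreateClient().PostAsJsonAsync($"{oktaOrg}/api/v1/authn",
        new { username = cfg["ServiceAccount:User"], password = cfg["ServiceAccount:Password"] });
    if (!resp.IsSuccessStatusCode) return Results.Redirect("/login");
    var body = await resp.Content.ReadFromJsonAsync<JsonElement>();
    if (body.GetProperty("status").GetString() != "SUCCESS") return Results.Redirect("/login");

    // Exchange the one-time sessionToken for an Okta session cookie in the browser.
    var token = Uri.EscapeDataString(body.GetProperty("sessionToken").GetString()!);
    var back = Uri.EscapeDataString("https://app.example.com/home"); // fixed, never user-supplied
    return Results.Redirect($"{oktaOrg}/login/sessionCookieRedirect?token={token}&redirectUrl={back}");
});
app.Run();
```

Because the parameter travels in the URL, it ends up in browser history, proxy logs and Referer headers, so it works as a bearer credential for the service account: keep the expiry short and give that account only the access this flow needs.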