Hybrid Authentication Scenario

dlachance · July 2, 2019, 1:01pm

Hi,

We have a hybrid authentication scenario requirement in our ASP.NET Core application.

Normal authentication with username/password
Log in automatically from the c# code with a service account username/password or token (No UI) of specific url parameter.

Flow:
Hit a specific url
Check if specific url parameter is present and valid
Yes: log in automatically with service account
No: redirect to login page

Is it possible to achieve this?
If yes, is there any examples that we can use?

Thanks in advance
Have a great day

dragos · July 3, 2019, 2:56am

Hi @dlachance

This can be achieved by leveraging the authentication API server side and then bringing the sessionToken to the client-side, using the /login/sessionCookieRedirect endpoint as described here.

In short, this would be the scenario steps:

user accesses the web page
the application checks for the query parameter
query parameter is not present
- user is shown the sign-in widget (or he is redirected to Okta to log in)
query parameter is present
- the application does the request to /api/v1/authn in the back-end using the service account and retrieves the sessionToken
- the application sets a Location header to redirect the user to https://yourOktaOrg.okta.com/login/sessionCookieRedirect?token=SessionTokenHere&redirectUrl=https://yourOktaOrg.okta.com
- user is logged in to Okta using the service account

dlachance · July 3, 2019, 6:23pm

Works perfectly :)!

Thanks

system · January 26, 2024, 11:30pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.