Need to secure API endpoint with client id and secret

Hi all, I have to secure an endpoint in my C# .NET Core web application, so I need guidance on how to register my application in Okta, how to pass the client ID and secret to generate the token when accessing the endpoint, and then how to refresh the token when it has expired.

You can look at some of the samples here.

For refresh tokens, you might need to enable that in your org and authorization server (if you have one). Then add the offline_access scope in your dotnet middleware configuration. For example, in this sample, add offline_access to the list of scopes like this:

Scope = new List<string> { "openid", "profile", "email", "offline_access" },

This setup is for protecting a client application.

If you are looking to protect a resource server, like projects generated using the ASP.NET Core Web API template, then refer to this guide.

1 Like

@ram.gandhi, could you be more specific to the requirement? I just need to get an access token from Okta and validate the token using Okta.

Could you expand on your requirements?

  • Web application (client application) can use one of the OAuth flows (authorization code, implicit, etc.) to get an access token. Refer to this guide.

  • API application (resource server) can be protected using a middleware to verify the JWT signature and claims. Refer to the guide in my earlier post.

If you are looking for general OAuth2 concepts, read OAuth 2.0 and OpenID Connect overview | Okta Developer.

1 Like
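
The resource-server side described in the reply above (middleware that verifies the JWT signature and claims), as an added example that is not part of the original thread or of Okta's samples. The issuer URL, the `api://default` audience, the `data.read` scope and the `/api/data` route are assumptions to replace with your own values.

```csharp
// Added example (not from the thread). Assumes .NET 6+ and the
// Microsoft.AspNetCore.Authentication.JwtBearer NuGet package.
using System;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

// Placeholders (assumptions): your authorization server's issuer URL and
// the audience configured on it.
const string Issuer = "https://{yourOktaDomain}/oauth2/default";
const string Audience = "api://default";

var builder = WebApplication.CreateBuilder(args);

builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        // Signing keys are discovered from the issuer's metadata document,
        // so no client secret is stored in the API itself.
        options.Authority = Issuer;
        options.Audience = Audience;
        // Keep the JWT's own claim names (e.g. "scp") instead of remapping them.
        options.MapInboundClaims = false;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidIssuer = Issuer,
            ValidateLifetime = true,                 // reject expired tokens
            ClockSkew = TimeSpan.FromMinutes(2)      // tighter than the 5-minute default
        };
    });

builder.Services.AddAuthorization(options =>
{
    // "data.read" is a hypothetical scope; the token must carry it in "scp".
    options.AddPolicy("ReadData", p => p.RequireClaim("scp", "data.read"));
});

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Returns 401 without a valid bearer token, 403 if the scope is missing.
app.MapGet("/api/data", () => Results.Ok(new { message = "token accepted" }))
   .RequireAuthorization("ReadData");

app.Run();
```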

@ram.gandhi, my application has an API which has to be secured through a token. The process is like this: the GetCredentials method in my application A is called by another application B, hence my application A will pass the client ID and secret. Upon receiving the client ID and secret, these two pieces of data will be sent back to application A, both are validated, and a token is generated through Okta and passed to application B. When passing the data to the API in application A, the token will also be passed, and upon validating the token further operations are performed. I need guidance on how to register the application in Okta. With the trial version, can this be implemented initially, or do we need a paid version? Thank you.