Need to store ClientID and ClientSecret in Database

Hi all,
I need to store Okta ClientID and ClientSecret in Database. Is there anyway to store those information in Database. My requirements is, i need to get ClientID and ClientSecret based on URL Querystring. Please do the needful.

Thanks
Nandakumar R

Hi Nanda,

If you need to gather the ClientID and secret, why not gather the information from the app and place it into your database?
I believe you can get the ClientID via the apps API however the Client Secret will need to be gathered from the interface.

Hi abroadhurst,

Thanks for your response. I can able to store ClientID and secret to Database. But i need to retrieve those information based on Querystring URL. Could you pls share the code if you have. It will be very helpful for me to implement.

I personally don’t recommend passing it via URL, it would be best if you could encrypt it into the body of an http call and pass it to your app via the app’s backend.

Hi Abroadhurst,

Thanks for your response. I have hosted web app in IIS. Its a product, so multiple clients will login. We will create ClientID and ClientSecret respective of Clients (10 Clients). But in examples, Clientid and Client Secret was configured in AppSettings. In this case i am not able to override clientid and Client Secret. This was my requirement. Pls suggest me to choose which process we need to implement.

Hi Nanda,
You should configure the app to each client and deploy different versions of the app with their respective client information to avoid any security issues if possible.

However it is possible to do it the way you described. You mentioned that it was configured in the apps settings? I’m assuming that you are using a framework to make it, if so then you are going to have to find a way to tweak the app so you can edit those details or build the app from the ground up without the frame.

Hi Nanda,

I would suggest that you cna store those value in the App side .
Create a model which will return the value back to you based on theURL or any search criteria.You can call the model from javascript directly and can assign value to javascript variable which will act as the centralize.
Your application is build in which technology.

Hi Piyush.lahoti

Thanks for your reply. My application technology is Asp.Net Web (Not MVC). For Okta, Domain, ClientID and Secret values were loaded before URL get loading. They have initializing cookies on Startup class. It was called at Authorization request. At the time of Authorization request we were not able to access url. URL is undefined at this time. But my requirement is, its product. Based on the user information we will redirect into particular Account’s Home Page. Application hosted in Central Server. All account user will login thru the same URL. Each and every clients have their own OKTA license. So they will create individual application with ClientID, Secret. On this scenario, how i can able to handle all accounts ClientID, Secret information.