.Net Core 3.0 OpenId Exception

I am trying to implement Okta in a very simple .Net Core 3.0 web app. I tried this at first:

https://developer.okta.com/quickstart-fragments/dotnet/aspnetcore-auth-code/#okta-asp-net-core-mvc-quickstart

but it doesn’t work at all - fails instantly at runtime because the Okta.AspNetCore package hasn’t been built properly for the .net core 3.0 framework (one of the cookie libraries changes namespaces and it fails instantly at runtime). Anyway, so I used the Microsoft.AspNetCore.Authentication.OpenIdConnect library instead, and that runs fine - but it fails whenever I Authorization is enforced.

I get the following error and even after some Googling, I have no idea what it might mean. If anyone could point me in the direction of some help on this, I’d be greatly appreciative.

System.IO.IOException: IDX20807: Unable to retrieve document from: ‘[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]’. HttpResponseMessage: ‘[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]’, HttpResponseMessage.Content: ‘[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]’.
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)

System.InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]’.
—> System.IO.IOException: IDX20807: Unable to retrieve document from: '[PII is hidden. For more details, see '. HttpResponseMessage: ‘[PII is hidden. For more details, see ]’, HttpResponseMessage.Content: ‘[PII is hidden. For more details, see ]’.
at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties)
at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.ChallengeAsync(AuthenticationProperties properties)
at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties)
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

You can enable actual URL to be printed instead of that PI message, to move one step further. Google for the recipe to make it possible. It might give you an idea of what’s going wrong.