I’m attempting to setup authorizations in a new .net core 3.1 api using Okta. Using the quick start it looks pretty simple using
But, I have some legacy apps that will not be authenticating against Okta. For those I would like to fall back to active directory groups for authorization. Is this possible using the code above? Looks like that code is setting the one default to rule them all. Not sure how I would tackle an either/or approach.