I’m getting a 401 unauthorized trying to use a token returned from Okta authentication process from my Blazor client App following this tutorial:
my client Startup.cs setup:
.AddOpenIdConnect(options =>
{
options.ClientId = Configuration[“Okta:ClientId”];
options.ClientSecret = Configuration[“Okta:ClientSecret”];
options.CallbackPath = “/authorization-code/callback”;
options.Authority = Configuration[“Okta:Issuer”];
options.ResponseType = “code”;
options.SaveTokens = true;
options.Scope.Add(“openid”);
options.Scope.Add(“profile”);
options.TokenValidationParameters.ValidateIssuer = false;
options.TokenValidationParameters.NameClaimType = “name”;
});
My web API Startup.cs setup:
//services.AddAuthentication(options =>
//{
// options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
//})
//.AddJwtBearer(options =>
//{
// options.Authority = “[my domain]/oauth2/default”;
// options.Audience = “api://default”;
// options.RequireHttpsMetadata = false;
//});
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = OktaDefaults.ApiAuthenticationScheme;
options.DefaultChallengeScheme = OktaDefaults.ApiAuthenticationScheme;
options.DefaultSignInScheme = OktaDefaults.ApiAuthenticationScheme;
})
.AddOktaWebApi(new OktaWebApiOptions()
{
OktaDomain = [my domain],
});
Tried both commented and uncommented code with the same results.
Please help!