Running into runtime error "IDX11025: Cannot serialize object of type: 'System.Guid' into property: 'jti'" when using Okta .NET SDK 8.0.1 along with Microsoft.AspNetCore.Authentication.JwtBearer 8.0.*. The issue does not occur when using Microsoft.AspNetCore.Authentication.JwtBearer 7.0.20.
The Okta Service App is set up to use scoped OAuth 2.0 access tokens with DPoP enabled - [Implement OAuth for Okta with a service app | Okta Developer].
Using the sample .NET code below:
```csharp
using System.Collections.Generic;
using Okta.Sdk.Api;
using Okta.Sdk.Client;

// RSA private key (JWK) for the service app; all values are placeholders
var privateKey = new JsonWebKeyConfiguration
{
    P = "{{P}}",
    Kty = "RSA",
    Q = "{{Q}}",
    D = "{{D}}",
    E = "{{E}}",
    Kid = "{{Kid}}",
    Qi = "{{Qi}}",
    Dp = "{{Dp}}",
    Dq = "{{Dq}}",
    N = "{{N}}"
};

var configuration = new Configuration
{
    OktaDomain = "https://{{yourOktaDomain}}",
    AuthorizationMode = AuthorizationMode.PrivateKey,
    ClientId = "{{clientId}}",
    Scopes = new List<string> { "okta.users.read" }, // Add all the scopes you need
    PrivateKey = privateKey
};

var usersApiClient = new UserApi(configuration);
// This call fails with IDX11025 (see the stack trace below)
var user = await usersApiClient.GetUserAsync("{{userId}}");
```
Stack Trace:
```
at Okta.Sdk.Client.DefaultDpopProofJwtGenerator.GenerateJwt(String nonce, String httpMethod, String uri, String accessToken)
at Okta.Sdk.Api.OAuthApi.d__18.MoveNext()
at Okta.Sdk.Api.OAuthApi.d__17.MoveNext()
at Okta.Sdk.Client.DefaultOAuthTokenProvider.d__15.MoveNext()
at Okta.Sdk.Client.DefaultOAuthTokenProvider.d__7.MoveNext()
at Okta.Sdk.Client.DefaultOAuthTokenProvider.d__12.MoveNext()
at Okta.Sdk.Api.UserApi.d__43.MoveNext()
at Okta.Sdk.Api.UserApi.d__42.MoveNext()
…
```
Other than downgrading to Microsoft.AspNetCore.Authentication.JwtBearer 7.0.20, any other solutions?