Okta OIDC Metadata URL

I am developing an OpenID Connect ASP.NET web application with the Okta.AspNet NuGet package. I created a developer account at https://developer.okta.com/signup/ and got the metadata URL as https://{my-sub-domain}.okta.com/oauth2/default/.well-known/openid-configuration. I set up the required fields for the application (ClientId, ClientSecret, OktaDomain, RedirectUri, PostLogoutRedirectUri, Scope). Everything works fine in my developer environment.

When deployed on production, my customer sent me the required fields (ClientId, ClientSecret, OktaDomain, RedirectUri, PostLogoutRedirectUri, Scope). The difference is that the metadata URL is in the format https://{client-domain}.oktapreview.com/.well-known/openid-configuration. The application failed with the error "Unable to retrieve document from: ‘https://{client-domain}.oktapreview.com/oauth2/default/.well-known/openid-configuration’."

So I have these questions:

  • How do I create an account with *.oktapreview.com?
  • Why does my customer's metadata URL differ from my metadata URL (it does not contain /oauth2/default)?

@nngochue I don’t think it’s possible to guarantee an account with the *.oktapreview.com URL. However, you should be able to modify the OktaDomain property according to the doc: https://github.com/okta/okta-aspnet/blob/master/docs/aspnet4x-mvc.md#configuration-reference

Both metadata URLs are valid. The one without the /oauth2/default refers to the Okta org as the authorization server, which is further explained in this article: https://support.okta.com/help/s/article/Difference-Between-Okta-as-An-Authorization-Server-vs-Custom-Authorization-Server?language=en_US. You will need to modify the AuthorizationServerId property to be an empty string or null to support this.
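The configuration change described in the answer above, as an added example that is not part of the original posts or the Okta project's code: an OWIN `Startup` that takes `AuthorizationServerId` from configuration so the same build works against a custom authorization server (`default`) and the org authorization server (empty value). The `okta:*` appSettings key names, the `SampleApp` namespace, the `MetadataUrl` helper and the missing-key fallback are assumptions made for this illustration.

```csharp
using System.Collections.Generic;
using System.Configuration;
using System.Diagnostics;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Okta.AspNet;
using Owin;

namespace SampleApp   // hypothetical application namespace
{
    public class Startup
    {
        // Illustration only (not the library's code): the two metadata URL
        // shapes from this thread, selected by the authorization server id.
        public static string MetadataUrl(string oktaDomain, string authServerId)
        {
            var root = oktaDomain.TrimEnd('/');
            return string.IsNullOrEmpty(authServerId)
                ? root + "/.well-known/openid-configuration"   // Okta org as authorization server
                : root + "/oauth2/" + authServerId + "/.well-known/openid-configuration"; // custom server
        }

        public void Configuration(IAppBuilder app)
        {
            var cfg = ConfigurationManager.AppSettings;
            // Assumption: a missing key keeps "default" (developer org);
            // a present but empty value selects the org authorization server.
            var authServerId = cfg["okta:AuthorizationServerId"] ?? "default";

            // Log the URL the app is expected to fetch, so a wrong environment
            // setting is visible at startup rather than at first login.
            Trace.TraceInformation("OIDC metadata: " +
                MetadataUrl(cfg["okta:OktaDomain"], authServerId));

            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            app.UseOktaMvc(new OktaMvcOptions
            {
                OktaDomain = cfg["okta:OktaDomain"],
                ClientId = cfg["okta:ClientId"],
                ClientSecret = cfg["okta:ClientSecret"],
                AuthorizationServerId = authServerId,
                RedirectUri = cfg["okta:RedirectUri"],
                PostLogoutRedirectUri = cfg["okta:PostLogoutRedirectUri"],
                Scope = new List<string> { "openid", "profile", "email" },
            });
        }
    }
}
```

For the customer environment in this thread, the production Web.config would carry `<add key="okta:AuthorizationServerId" value="" />`, while the developer org omits the key or sets it to `default`.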

@warren Thank you. It works perfectly.
