Okta Sign In Widget and protecting ASP.NET pages

shaffer911 · July 22, 2017, 1:39am

We’ve got a multi-page website (VB ASP.NET) that needs to be secured with a username and password.

We are interested in using the Okta Sign In Widget to be the front door for that process.

We have our Okta application setup and the Sign In Widget is working properly where when we enter the proper user credentials the res.session.setCookieAndRedirect(redirectUrl) is redirecting properly to our “main menu”.

Obviously at this point in time, the “main menu” is not “protected” as I can navigate directly to that main menu page and get it to render.

I am looking for some thoughts / sample code to add to my ASPX pages that need to be protected to:

(1) Check and see if the Okta cookie is set / present and to verify the user is authenticated
(2) If not, redirect to the Okta Sign In Widget page

Thanks,
Steve

nate.barbettini · July 31, 2017, 10:46pm

Hey Steve! The easiest way to get the widget working with a server-side rendered application is with OpenID Connect. The widget can be used to kick off the OIDC flow, and the application (with the right OIDC middleware) will handle the callback from Okta.

Is OIDC an option for your ASP.NET site? (Are you using any OWIN middleware already?)

system · January 12, 2024, 7:12pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.