Replace ADFS with Okta

Hi All

Over Christmas I took our existing company app (.NET MVC), removed ADFS authentication and added Okta in a development environment. After a bit of playing with web.config it was working.

Today I picked the project back up to move to UAT testing and it won't work in the development environment. The error is Response status code does not indicate success: 401 (Unauthorized).

After a couple of days testing and trying several samples like okta-aspnet-mvc-example I’m at a loss as to what the issue is.

I have read about an authorisation server which defaults to “default” but I cannot find that in the Okta admin console.

I’m at a loss at the moment and welcome any suggestions.

Kind regards

Paul

It looks like the sample assumes you are using a developer preview org with a custom authorization server named “default”.

https://developer.okta.com/docs/concepts/auth-servers/#default-custom-authorization-server

If you paste the discovery endpoint in the browser (https://${yourOktaDomain}/oauth2/default/.well-known/openid-configuration), do you see a JSON payload with an issuer value or do you see an error such as "You do not have permission to access the feature you are requesting"?

Hi Warren

Result was:

{"errorCode":"E0000015","errorSummary":"You do not have permission to access the feature you are requesting","errorLink":"E0000015","errorId":"oaeETas7wFYT3mnlYhhzoYhoQ","errorCauses":[]}

It sounds like the API Access Management feature might have been disabled on your developer preview org. You might want to open a support ticket with Okta to confirm that.

Alternatively, you could try to modify the “okta:OrgUri” to your Okta org URL without the /oauth2/default and see if the code would work with the org authorization server.

Hi

So it turns out that the trial account has the authorisation server enabled. Therefore my code worked due to a feature that is now NOT enabled on the live production Okta account.

And to top it off you have to pay more money for that feature. Lost for words!
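The discovery check suggested in the thread can be scripted so it runs before an environment move such as dev to UAT. This is an added example, not code from the thread or from Okta: it probes the "default" custom authorization server and then the org authorization server, and reports which issuer is usable. The domain `dev-000000.okta.com`, the function names and the sample responses are assumptions constructed for illustration.

```python
import json
import urllib.error
import urllib.request

FEATURE_DISABLED = "E0000015"  # error code quoted in the thread
SUFFIX = "/.well-known/openid-configuration"

def candidate_issuers(okta_domain):
    """Issuers to try: the 'default' custom server first, then the org server."""
    host = okta_domain.strip().removeprefix("https://").rstrip("/")
    return {"custom_default": f"https://{host}/oauth2/default", "org": f"https://{host}"}

def classify(status, body, expected_issuer):
    """Return usable, feature_disabled, issuer_mismatch or error for one response."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return "error"
    if not isinstance(doc, dict):
        return "error"
    if doc.get("errorCode") == FEATURE_DISABLED:
        return "feature_disabled"
    if status != 200 or "issuer" not in doc:
        return "error"
    # The issuer in the metadata must equal the one the client is configured with.
    return "usable" if doc["issuer"] == expected_issuer else "issuer_mismatch"

def http_fetch(url):
    """Fetch a URL and return (status, body), including for 4xx/5xx replies."""
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")

def pick_issuer(okta_domain, fetch=http_fetch):
    """Return (first usable issuer or None, per-server findings)."""
    findings = {}
    for name, issuer in candidate_issuers(okta_domain).items():
        findings[name] = classify(*fetch(issuer + SUFFIX), issuer)
        if findings[name] == "usable":
            return issuer, findings
    return None, findings

# Constructed sample responses for a placeholder org (not captured from a real tenant).
SAMPLE = {
    "https://dev-000000.okta.com/oauth2/default" + SUFFIX:
        (401, '{"errorCode": "E0000015", "errorSummary": "constructed", "errorCauses": []}'),
    "https://dev-000000.okta.com" + SUFFIX:
        (200, '{"issuer": "https://dev-000000.okta.com"}'),
}
```

Calling `pick_issuer("your-org.okta.com")` against each environment shows whether the issuer the application is configured with exists there; a `feature_disabled` finding for `custom_default` is the situation described in this thread.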