Widget Conversion

We have a new web application that’s in development and we’re currently utilizing Okta for the user login experience. But, we need to customize the sign-in page per the specs. So, we are now trying to convert the app to use the sign-in widget.

Everything seems to be working correctly, but, there is one issue we can’t seem to figure out or find any help on.

If the user is not authenticated and navigates to a page/folder where the “Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter” is set, the Okta-hosted sign-in page appears instead of the self-hosted page.

The web app is written in AspNetCore 2.2 using MVC Razor Pages.

We’ve found a workaround by modifying the OnGet() for every page and removing the “AuthorizeFilter”.

There has to be a better way!

Any help would be appreciated,


public void ConfigureServices(IServiceCollection services)
        .AddAuthentication(options =>
            options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OktaDefaults.MvcAuthenticationScheme;
        .AddOktaMvc(new OktaMvcOptions()
            ClientId = Configuration["oktaClientId"],
            ClientSecret = Configuration["oktaClientSecret"],
            OktaDomain = Configuration["oktaDomain"],
            Scope = new List<string> { "openid", "profile", "email", "brightwayapi" },
            GetClaimsFromUserInfoEndpoint = true

    services.Configure<CookiePolicyOptions>(options =>
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;

    services.AddSession(options =>
        options.IdleTimeout = TimeSpan.FromSeconds(10);
        options.Cookie.HttpOnly = false;

        .AddRazorPagesOptions(options =>