Using ASP.NET netcore example getting White list to redirect error

When using the Okta ASP.NET SDK, why do I get a White list to redirect error upon when the documentation states to configure it to the following login URI .

https://localhost:44314/authorization-code/callback

I have set the trusted origins, I have set the application to redirect the URL to the callback URL.
Yet it does not work, but in other languages like Golang it works perfectly!

Is the ASP NET library broken?

Gathering by the number of unanswered issues in your forum, on the same issue, this looks to be quite a common issue. Yet there are really no solutions posted why is that?
For https://dev-837735.okta.com

regards
Dave

Have you added this callback url to the “Login redirect URIs” list for your application within Okta? It sounds like you’re running into this error: "The redirect_uri parameter must be an absolute URI that is whitelisted in the client app settings"

Yes, this is the error I am getting.
I have gone over the docs multiple times looking for something that I may have done wrong but I am unable to find anything why this won’t work for the net core example.
In short, I have two Applications defined pointing to the https://dev-837735.okta.com one is developed in Golang and one is in net core. Go version works perfectly (pcke implementation), yet the net core version repeated gives me the white list error. To be honest I am at loss as to why this would be occurring and I am looking for where to look next in an attempt to solve this issue. Unfortunately, I need the net core implementation to slot into a development stack.
Any ideas would be grateful.

When you encounter the error, what is the redirect_uri you see being passed in the authorize request in the URL? This is the best way to determine what Okta is seeing as the redirect URI coming in:

https://dev-837735.okta.com/oauth2/default/v1/authorize?client_id=0oavxbo2eLu7MOxTw4x6&redirect_uri=https%3A%2F%2Flocalhost%3A44314%2Fauthorization-code%2Fcallback&response_type=code&scope=openid%20profile%20email&code_challenge=R09Zxu5yRIx4xUQbISCHipE0vQ92CjAEc036VJfI24k&code_challenge_method=S256&response_mode=form_post&nonce=637369347486312646.YjU2NGY4YjMtYjQ2ZC00NTRmLWFkOTUtMGQyNjg5NzdkMDhkNTBmYWM5OWMtMWM3Yi00N2IwLTlkNDgtN2JjZGYxODE5ZThl&sessionToken=20111hU7tzFB16FV9jTASHrU8KNxJZnr3QQZDFz6sUe9dzqaB_lJXC0&state=CfDJ8P60MEY8479OimRsYQtdzmHscQgZJlV4H9C_KQ2GnXKwGwEhP57lTHkSykLwdtat0QrYkh62PY7oT3K9eF4vXqU2LPq8IczBbSAjURPH4A4k-vwKaZagEZQA1lA9gkqph3uplqUPC4_t0skC-jbRtvBOLfDnM2mVX_WfU55mfuwMmzDwhiZS-_-Ai6NoU_FEodfkotriwRMc9nHK-5aePSt2u1ePNF0E0b5W40O5nQsbU4P1Mu0BeOQNkJdCY8yuFLghQ6XfDBzI4s5yZOcX6rWw6qGk6g_UI9bky78U5SslJGEKflB5BT2TPewT97mRp7U8VfHI-MEuBc5W3MhWfPzh8QgjDHJvYgaDZOmYixu9jN68h6sPW6GkBEaJ6qr38ox8pYTH9ZD2-Rumt80qCAFsZ_ouw_uY7aDOo1hUPW3AzhwvhqcsaZwGJ4GB_nJWYm0XZJGkqjY0dR9_GVHOoMd6N4Un5i5CPGUuMPOkzL2-&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0

which is the https://localhost:44314/authorization-code/callback

thanks for the quick response.

hmmm… And you’re definitely using the right client_id and Okta org? I’m seeing the same error you are with that url and per your screenshot it looks like you do have the right login redirect URI configured.

Sure have I have checked it so many times I think I am starting to go crazy looking for ideas as to why?

@Dave It might be easier for you to contact support@okta.com and open a support case to get help there. Someone can review your logs and configuration settings to be sure we’re not missing anything.

1 Like

@Dave Could you use http instead of https in the OKTA configuration, as it redirecting to a private URL.

Instead of: https://localhost:44314/authorization-code/callback
Add: http://localhost:44314/authorization-code/callback