I am trying to set up configuration for okta in .net core.
I have created a developer account. I want to use oAuth/OIDC.
In appsettings, under domain,
“Okta”: {
“Domain”: “https://dev-vnlvlqu8reyoqrcn.us.auth0.com/api/v2/”
},
I have used the value which was there in dashboard’s API section Auth0 Management API identifier.
I am getting this error.
{“IDX20803: Unable to obtain configuration from: ‘https://dev-vnlvlqu8reyoqrcn.us.auth0.com/api/v2/oauth2/default/.well-known/openid-configuration’.”}|System.InvalidOperationException|
Also, this is the code in program.cs
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = OktaDefaults.ApiAuthenticationScheme;
options.DefaultChallengeScheme = OktaDefaults.ApiAuthenticationScheme;
options.DefaultSignInScheme = OktaDefaults.ApiAuthenticationScheme;
}
).AddOktaWebApi(new OktaWebApiOptions()
{
OktaDomain = Configuration[“Okta:Domain”].ToString()
}
Am I missing out on something?
Those are Auth0 domains in your configuration so I recommend reaching out in the Auth0 Community with this question.
If you need to test with an Okta account, you can create an Okta dev account here.
Like @nicole mentioned, you seem to be using an Auth0 org with Okta’s .NET MVC library. I’m not positive whether or not that will work (I should note that okta-aspnet is just a wrapper around OWIN and is designed to work with Okta’s OAuth implementation). You could look to use Auth0s library instead, I’m betting it will be a bit smoother sailing for you. This article looks to walk through the full set-up: Add Login to your ASP.NET MVC application | Auth0
The main error you seem to be encountering is related to how the library attempts to hit the OIDC metadata endpoint. From what I’ve seen, this is based on a combination of OktaDomain and AuthorizationServerId.
I don’t know as much about Auth0/CIC’s request paths for their authorization servers, but you could try setting AuthorizationServerId to string.Empty (which Okta WIC/CIS already supports). It should then try to hit the well-known endpoint by just slapping /.well-known/openid-configuration onto the end of the OtkaDomain value (which I believe you will need to remove /api/v2/ from), which I see does seem to be the correct metadata endpoint for your org: https://dev-vnlvlqu8reyoqrcn.us.auth0.com/.well-known/openid-configuration.
Like I said, not sure if this will wind up working as I haven’t tested this library with an Auth0 org before and you might wind up running into other discrepancies with assumptions made in Okta’s library, but could be worth a shot!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.