I started my Okta journey here: https://github.com/oktadeveloper/okta-appauth-xamarin-example
This is a very easy git to follow. I successfully got it working. I’m now trying to add support to log in with a Microsoft Identity Provider. This is giving me all kinds of headaches.
I’ve followed the documentation here: https://developer.okta.com/authentication-guide/social-login/microsoft
I’ve created my Authentication URL and replaced the parameters as required. All I changed with the Xamarin app was replace the use of the DiscoveryEndpoint in the LoginProvider with my Auth URL (doing this for Android first). I was having an issue with my redirect URL at first but I’m 99% sure that is okay now as the dashboard is no longer reporting illegal_redirect_uri.
There were 2 parameters I didn’t know how to fill: nonce and state. The documentation says nothing about how to actually get these values. It says that you get these with the ID token but that doesn’t make any sense as this would be the first URL you use to log in. I was getting an invalid_nonce error. After adding a random value for this (“abc”) or using the example from the documentation, I no longer get this invalid_nonce error. But without the state parameter added I continue to get an invalid_state parameter (the code throws an AuthorizationException and the error is reported on the Okta dashboard). So I tried the same thing with nonce: I tried using the sample value from the doc, knowing this wouldn’t work but trying anyway. When I add in this value I get the same exception, but now there is no error listed on the dashboard, as if Okta didn’t even receive my request.
So I have a few questions.
How do I get the true nonce and state values? Is replacing DiscoveryEndpoint with my Authorization URL appropriate? Or should I be calling this a different way? How come there are no samples or posts about this? Has no one ever tried this before? Doing something like this in Auth0 is simple, yet this seems exponentially complex. Am I missing something simple/obvious? Why is it not listed in the documentation? The documentation seems to be designed for a different use case. That one sample Xamarin project (and its corresponding native samples) seems to be the only example online of this type of use case, yet it doesn’t cover using identity providers.
Any help or hints on this would be greatly appreciated; I’ve already wasted enough time trying to figure this out.
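
Added example, not part of the original post or of Okta's sample code: in OpenID Connect, `state` and `nonce` are random values the client generates itself for each login attempt, then checks when `state` comes back on the redirect and `nonce` comes back as a claim in the ID token. The class name, the `code` response type and the caller-supplied endpoint, client ID and redirect URI are assumptions; PKCE and ID token signature validation are omitted.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Hypothetical helper: create one instance per login attempt and keep it until the redirect returns.
public sealed class OidcRequestGuard
{
    public string State { get; } = NewToken();   // echoed back as a parameter on the redirect URI
    public string Nonce { get; } = NewToken();   // echoed back as the "nonce" claim of the ID token

    // 32 bytes from the OS CSPRNG, base64url encoded so the value needs no URL escaping.
    static string NewToken()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        return Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    // Standard OIDC authorization request. Assumes authorizeEndpoint has no query string yet.
    public string BuildAuthorizeUrl(string authorizeEndpoint, string clientId, string redirectUri) =>
        authorizeEndpoint
        + "?client_id=" + Uri.EscapeDataString(clientId)
        + "&response_type=code&scope=openid"
        + "&redirect_uri=" + Uri.EscapeDataString(redirectUri)
        + "&state=" + State + "&nonce=" + Nonce;

    // Reject the redirect unless it carries the state this attempt generated.
    public bool StateMatches(string returnedState) =>
        string.Equals(returnedState, State, StringComparison.Ordinal);

    // Compare the "nonce" claim with ours. Signature, issuer, audience and expiry
    // checks are separate, must also pass, and are not shown here.
    public bool NonceMatches(string idToken)
    {
        var parts = (idToken ?? "").Split('.');
        if (parts.Length != 3) return false;
        try
        {
            var b64 = parts[1].Replace('-', '+').Replace('_', '/');
            b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
            var json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
            using (var doc = JsonDocument.Parse(json))
                return doc.RootElement.TryGetProperty("nonce", out var claim)
                    && claim.ValueKind == JsonValueKind.String
                    && claim.GetString() == Nonce;
        }
        catch (Exception e) when (e is FormatException || e is JsonException
                                  || e is InvalidOperationException) { return false; }
    }
}
```

A fixed value such as a documentation sample defeats both checks, because `state` protects the redirect against cross-site request forgery and `nonce` protects the ID token against replay only when each is unpredictable and used once.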