'How SSO is working with OKTA

Am trying to build few application that uses OKTA as IdP and utilizes OKTA-SSO.

I have seen the OKTA Music Store application that uses our okta Id as login id. How can I build / what changes i need to make in new C# web apps so that SSO works.

If some sample project or links would be helpful

single-sign-onoktaasp.netazureredisazure-web-app-serviceredislabs


Solution 1:[1]

You have several options when adding SSO to an Okta application. The easiest method would be to add support for WS-Fed to your application. See Okta's guide to Configuring the Okta Template WS Federation Application for more details on that.

Another option would be to add support SAML. However, how you add SAML support your application depends a lot on how your application models users and entitlements. Okta has high level guidance for Single Sign-On with Okta that can help you plan for adding SAML support. For .NET Framework 4.5 or above, Okta recommends the Kentor Authentication Services package. For .NET Framework 4 or below, Okta recommends ComponentSpace SAML 2.0

Solution 2:[2]

You can also consider doing some of it yourself (via OIDC) - for some part building upon the 'Microsoft.IdentityModel.Protocols.ConfigurationManager', 'Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration' & 'System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler' classes, and some OP (OIDC Provider) endpoint calls using the 'HttpClient' class.

I believe involving NuGet packages such as:

  <package id="Microsoft.IdentityModel.JsonWebTokens" version="6.7.1" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Logging" version="6.7.1" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Protocols" version="6.7.1" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Protocols.OpenIdConnect" version="6.7.1" targetFramework="net472" />
  <package id="Microsoft.IdentityModel.Tokens" version="6.7.1" targetFramework="net472" />

Be mindful to also include the use of the PKCE (Proof Key for Code Exchange / 'pixie') extension on top of the (OAuth) 'Authorisation Code' flow.

Solution 3:[3]

App service configuration is absolutely nothing to do with how you you're connecting to redis. Please make sure you use port 80 to connect to redis. Please refer this while making connection with redis. using StackExchange.Redis;

readonly ConnectionMultiplexer muxer = ConnectionMultiplexer.Connect("hostname:port,password=password"); IDatabase conn = muxer.GetDatabase();

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Joël Franusic
Solution 2 DennisVM-D2i
Solution 3 Rohit Tatiya

Related Questions

Passing data from database containing new line breaks jquery

Creating .ICS files, adding to outlook

ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d

The configuration section cannot contain a CDATA or text element

Attempting to make enter button 'clickable'

automapper map interface to interface or object

How to show or hide contents of an aspx page based on current user's roles

The server response was: 5.7.0 Must issue a STARTTLS command first. i16sm1806350pag.18 - gsmtp

IIS 8.0 Detailed 500.0 Internal Server Error - IsapiModule Not Found

EntityDataSource - how to do WHERE Clause from different table

No authentication handler is registered for the scheme 'Cookies'. The registered schemes are: Application, Bearer, ASOS

How to use jquery in ASP.​NET Core

Create HTML table from a list

How to change Text of button in FileUpload control and set value to textbox

How to add project reference to ASP.NET Core 1.0 MVC project