This repository shows you how to implement the client credentials flow on an ASP.NET Core Web API using Okta. Please read Secure Your .NET 6 Web API to see how it was created.
Prerequisites:
-
Okta has Authentication and User Management APIs that reduce development time with instant-on, scalable user infrastructure. Okta's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
Navigate to the Security > API page in your Okta admin portal and obtain the Issuer URI from the default Authorization Server.
Click on the default authorization server.
Navigate to the Scopes tab.
Click Add Scope. Name it api and give it a phrase and description.
Navigate to Applications > Applications.
Click Create App Integration.
Select API Services.
Name your application DotNet6ClientFlow.
Click Save.
Note your Client ID and Client secret.
To run this example, run the following commands:
git clone https://github.com/nickolasfisher/Okta_DependencyInjection_DotNet.git
cd Okta_DotNetSixClientFlow
Create a file called appsettings.Development.json and add the following code to it.
{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*",
  "Okta": {
    "Issuer": "{yourIssuer}"
  }
}
Start debugging your application.
Open your API test tool of choice and set up your request to the Okta authorization server.
{yourBase64EncodedCredentials} is of the format {yourClientId}:{yourClientSecret}, Base64 encoded.
- {yourIssuer}/v1/token POST
  - headers
    - Accept: application/json
    - Authorization: Basic {yourBase64EncodedCredentials}
    - Content-Type: application/x-www-form-urlencoded
  - body
    - grant_type: client_credentials
    - scope: api
The response will have a field for access_token.
Create a new request in your API test tool and use the following setup.
- {yourWebAPIDomain}/weatherforecast GET
  - headers
    - Authorization: Bearer {yourAccessToken}
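The two requests above as a shell script using curl, added here as an example and not part of this repository. The function names and the environment variables (OKTA_ISSUER, OKTA_CLIENT_ID, OKTA_CLIENT_SECRET, API_BASE_URL) are assumptions; the script passes the Authorization header to curl on stdin so the credentials do not appear in curl's command line.

```shell
#!/bin/sh
# Added example (not from the repository). Variable and function names are assumptions.

# Value for "Authorization: Basic ...": Base64 of "{yourClientId}:{yourClientSecret}".
# printf avoids the trailing newline that echo would encode; tr removes the
# line wrapping that base64 inserts into long output.
basic_credentials() {
  printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# POST {yourIssuer}/v1/token with the client_credentials grant and the api scope.
# Args: issuer, client id, client secret. Prints the JSON response.
# "--header @-" (curl 7.55.0 or later) reads the header line from stdin.
# --data-urlencode makes this a POST with
# Content-Type: application/x-www-form-urlencoded.
request_token() {
  printf 'Authorization: Basic %s\n' "$(basic_credentials "$2" "$3")" |
    curl --silent --show-error --fail \
      --header @- \
      --header 'Accept: application/json' \
      --data-urlencode 'grant_type=client_credentials' \
      --data-urlencode 'scope=api' \
      "$1/v1/token"
}

# Read the token response on stdin and print the access_token field.
extract_access_token() {
  sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# GET {yourWebAPIDomain}/weatherforecast with the bearer token.
# Args: API base URL, access token.
call_api() {
  printf 'Authorization: Bearer %s\n' "$2" |
    curl --silent --show-error --fail --header @- "$1/weatherforecast"
}

# Runs only when all four values are provided in the environment.
if [ -n "${OKTA_ISSUER:-}" ] && [ -n "${OKTA_CLIENT_ID:-}" ] &&
   [ -n "${OKTA_CLIENT_SECRET:-}" ] && [ -n "${API_BASE_URL:-}" ]; then
  token=$(request_token "$OKTA_ISSUER" "$OKTA_CLIENT_ID" "$OKTA_CLIENT_SECRET" |
    extract_access_token)
  [ -n "$token" ] || { echo "no access_token in response" >&2; exit 1; }
  call_api "$API_BASE_URL" "$token"
fi
```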
This example uses the following open source libraries from Okta:
Please post any questions as comments on the blog post, or visit our Okta Developer Forums.
Apache 2.0, see LICENSE.