Okta

Configure workforce identity with Okta.

Step 1: Install the package

dotnet add package PrimusSaaS.Identity.Broker

Step 2: Configure Program.cs and middleware

using PrimusSaaS.Identity.Broker;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddPrimusAuthBroker(builder.Configuration, builder.Environment.IsDevelopment());
builder.Services.AddControllers();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.UsePrimusCsrfProtection();
app.MapControllers();
app.MapPrimusAuthBroker();
app.Run();

Step 3: Configure appsettings.json

{
  "Okta": {
    "Domain": "https://dev-123456.okta.com",
    "ClientId": "YOUR_CLIENT_ID",
    "ClientSecret": "YOUR_CLIENT_SECRET"
  }
}

How to get configuration values

Log in to the Okta Admin Console.
Go to Applications > Create App Integration.
Select OIDC - Web Application.
Sign-in redirect URI: https://your-api.com/api/auth/okta/callback
Copy Client ID and Client Secret.

Step 4: Configure endpoint

Broker endpoints are mapped by app.MapPrimusAuthBroker().

GET /api/auth/providers
GET /api/auth/okta
GET /api/auth/me

Step 5: Test the endpoint

Call GET /api/auth/providers once on app startup to seed the CSRF cookie.
Navigate to GET /api/auth/okta and sign in.
Call GET /api/auth/me to confirm the session.

Step 1: Install the package​

Step 2: Configure Program.cs and middleware​

Step 3: Configure appsettings.json​

Step 4: Configure endpoint​

Step 5: Test the endpoint​

Step 1: Install the package

Step 2: Configure Program.cs and middleware

Step 3: Configure appsettings.json

Step 4: Configure endpoint

Step 5: Test the endpoint