Hello,
I was wondering if there is an easy way to implemented OKTA to allow a Web Connection site (using wwUserSecurity class for user logins) to facilitate Single Sign on (SSO) to a third party?
I would greatly appreciate any tips or examples.
Thank you!
Not that I know of - I've never even heard of OKTA. Cursorary glance suggests it's an OpenID implementation that can be integrated via authentication flow.
You can hook anything into the User Security system, but you have have to handle retrieval of the OpenID token specifically for the framework you're integrating with so you can store it as part of the credentials that are saved in the user security tables.
It's doable but not trivial. FWIW, if you're using a third party solution for authentication they usually have the tools and APIs to manage all the auth needs externally so you may not actually need to use wwUserSecurity - you'd just validate the token instead.
+++ Rick ---
+++ Rick ---
Justin,
Just wondering if you came up with a solution to your Okta SSO login challenge. I am facing the same situation. Can't decide if I should build a C# solution or look at the chilkat library solution.
-- Kevin
The only technical requirement for this to work is that you need a JWT JSON token parser, and you can use one of those via .NET and one of the JWT libraries that are available and use wwDptnetBridge to access it. The rest is implementing the authentication flow via the necessary endpoints to handle the callback requests from the oAuth flow. It's a bit of a pain (regardless which platform you use) with a bit of trial and error for testing but otherwise fairly straight forward.
oAuth flow is similar to identical between different providers so once done you can likely reuse much of that code for other SSO solutions using oAuth/OpenId Connect.
+++ Rick ---
I found this tutorial to be helpful in getting started. It is almost 5 years old and uses MVC Core 2.2 (and doesn't use PKCE), but nonetheless it got me started. I just run this app and then write the json user info to a vfp app folder to read when webConnection is accessed. Once I get it running in production, I'll see if I can post the full solution (exposing my lack of knowledge in C#/mvc core!!).
https://developer.okta.com/blog/2019/07/12/secure-your-aspnet-core-app-with-oauth