Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Feature Request] MSAL support for other IdP's such as Okta

See original GitHub issue

Hi, is MSAL only compatible with MS Authorization servers or we could use it with other authorization server as well? I’m trying to use it with Okta and the first error I’m getting is about the ClientID which should be a Guid, because of this code:

//Adfs does not require client id to be in the form of a Guid
if (Config.AuthorityInfo?.AuthorityType != AuthorityType.Adfs && !Guid.TryParse(Config.ClientId, out _))
    throw new MsalClientException(MsalError.ClientIdMustBeAGuid, MsalErrorMessage.ClientIdMustBeAGuid);

OAuth / OpenId does not seem to have any particular restriction on ClientID to be a GUID.

Issue Analytics

  • State:open
  • Created 4 years ago
  • Reactions:14
  • Comments:12 (3 by maintainers)

github_iconTop GitHub Comments

chrisbeckecommented, Jan 19, 2022

Oh crikey.

MSAL seems to be the one dotnet library that manages token refreshing, and is properly integrated with AspNetCore.

But, applications frequently need to integrate with other applications. Its the reason we use open standards like OpenID and OAuth.

I need to deal with federated auth that only includes AzureAD as part of the stack. Finding out I can’t use Microsoft.Identity.* to get and refresh my Keycloak and Okta tokens just wastes the time I’ve spend on the AzureAD part of the integration because now there is no general solution that covers all my target IdPs.

I guess I’m back to trying to do everything the hard way with IdentityModel

g7ed6ecommented, Jan 23, 2023

Would a PR be accepted to bring support of OAuth2 authorization server metadata and/or OpenIdConnect discovery endpoint to configure MSAL.NET in non AzureAD context ?

Read more comments on GitHub >

github_iconTop Results From Across the Web

6 Reasons Microsoft Customers Choose Okta for Identity
Learn why Microsoft customers choose Okta as their identity access management (IAM) solution based on these six critical areas.
Read more >
What's the Difference Between OAuth, OpenID Connect, ...
The main differentiator between these three players is that OAuth 2.0 is a framework that controls authorization to a protected resource such as ......
Read more >
Configure Single Logout in app integrations
Single Logout (SLO) is a feature in federated authentication that allows end users to ... Contact your SP directly to request that they...
Read more >
Make Azure Active Directory an identity provider
In the Admin Console, go to SecurityIdentity Providers. Click Add Identity Provider and select Add SAML 2.0 IdP. Enter AAD or your preferred...
Read more >
About Azure Active Directory SAML integration
About Azure Active Directory SAML integration. Typically, Okta acts as an identity provider (IdP) and delivers authenticated user profile data to downstream ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found