[Feature Request] MSAL support for other IdP's such as Okta

Hi, is MSAL only compatible with MS Authorization servers, or could we use it with other authorization servers as well? I’m trying to use it with Okta and the first error I’m getting is about the ClientID which should be a Guid, because of this code:

//Adfs does not require client id to be in the form of a Guid
if (Config.AuthorityInfo?.AuthorityType != AuthorityType.Adfs && !Guid.TryParse(Config.ClientId, out _))
{
    throw new MsalClientException(MsalError.ClientIdMustBeAGuid, MsalErrorMessage.ClientIdMustBeAGuid);
}

OAuth / OpenId does not seem to have any particular restriction on ClientID to be a GUID.

Issue Analytics

  • State: open
  • Created 4 years ago
  • Reactions: 14
  • Comments: 12 (3 by maintainers)

Top GitHub Comments

3 reactions
chrisbecke commented, Jan 19, 2022

Oh crikey.

MSAL seems to be the one dotnet library that manages token refreshing, and is properly integrated with AspNetCore.

But, applications frequently need to integrate with other applications. It's the reason we use open standards like OpenID and OAuth.

I need to deal with federated auth that only includes AzureAD as part of the stack. Finding out I can’t use Microsoft.Identity.* to get and refresh my Keycloak and Okta tokens just wastes the time I’ve spent on the AzureAD part of the integration because now there is no general solution that covers all my target IdPs.

I guess I’m back to trying to do everything the hard way with IdentityModel

1 reaction
g7ed6e commented, Jan 23, 2023

Would a PR be accepted to bring support of OAuth2 authorization server metadata and/or OpenIdConnect discovery endpoint to configure MSAL.NET in a non-AzureAD context?
