This code sample demonstrates the use of Okta API Access Management for authorizing access to a backend API using Okta's Authorization Servers.
This ASP.NET Core OAuth 2.0 Resource Server will only accept calls to its TodoController if:
- The incoming request contains a valid Bearer OAuth token originating from the configured Okta organization
- The OAuth token includes the "todolist.read" scope generated by the Okta Authorization Server for the user performing the API access request to the TodoController.
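
The two acceptance conditions above, expressed as JWT bearer validation plus a scope policy. This is an added example written against the current ASP.NET Core minimal hosting API, not the sample project's own code; the issuer and audience placeholders, the `TodoRead` policy name and the `/api/todo` route are assumptions.

```csharp
// Program.cs (added example). Requires the Microsoft.AspNetCore.Authentication.JwtBearer package.
using System.Linq;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);

// Placeholders: substitute the issuer URL and audience of your Okta Authorization Server.
const string Issuer = "https://{yourOktaDomain}/oauth2/{authServerId}";
const string Audience = "{yourAudience}";
const string RequiredScope = "todolist.read";

// Condition 1: a valid Bearer token from the configured Okta organization.
// The handler downloads the signing keys from the issuer's metadata and
// rejects tokens with a bad signature, wrong issuer, wrong audience or expired lifetime.
builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.Authority = Issuer;
        options.Audience = Audience;
    });

// Condition 2: the token carries the required scope.
// Okta access tokens list scopes in the "scp" claim; depending on the handler's
// inbound claim mapping it can surface under the long URI, so both are checked.
builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("TodoRead", policy => policy
        .RequireAuthenticatedUser()
        .RequireAssertion(ctx => ctx.User.Claims.Any(c =>
            (c.Type == "scp" ||
             c.Type == "http://schemas.microsoft.com/identity/claims/scope") &&
            c.Value.Split(' ').Contains(RequiredScope))));
});

var app = builder.Build();
app.UseAuthentication();   // populates HttpContext.User from the Bearer token
app.UseAuthorization();    // enforces the policy; 401 without a valid token, 403 without the scope

// Hypothetical stand-in for the TodoController endpoint.
app.MapGet("/api/todo", () => new[] { new { name = "Item1", isComplete = false } })
   .RequireAuthorization("TodoRead");

app.Run("http://localhost:5000");
```

A request with a valid token that lacks `todolist.read` fails the policy with 403 rather than 401, which helps distinguish a scope problem from a token validation problem when troubleshooting.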
This code sample was written with Visual Studio 2015 Community Edition Update 3.
- Follow the instructions to set up the companion Windows console client app.
- In the `config.Development.json` file, enter the Okta organization URL and the Client ID values from your OpenID Connect app, as well as the URL and audience of your Okta Authorization Server (as documented in the `config.json` file).
In order to run the sample, follow the instructions below:
- Switch from `IIS Express` to `Okta.DNX.OAuth.ResourceServer` in the Visual Studio Debug button. This ensures the Web API server will start at `http://localhost:5000/api/` in a console application (as specified in the `launchSettings.json` file).
- Launch the `Okta.DNX.OAuth.ResourceServer` project in debug mode.
- Run the companion Windows console client app.
- After signing in, type 'c' in the command line and watch the call being processed in the Web API server console.
- If you don't see a message such as "The result from the API call is [{"key":...,"name":"Item1","isComplete":false}]" in the Windows Console sample app, take a look at the `Okta.DNX.OAuth.ResourceServer` console for any message that may be indicative of the issue.