Azure API Developer portal - Okta Integration


We are planning to use API Management for our APIs. In order to expose the API to our clients, we are using Okta for authentication & authorization.

Does APIM provide this configuration? I was looking at delegation, but it seems we need to add our own redirect page for doing something like this.

Please correct me if I am wrong.

Our end goal is to do APIM developer portal authentication using Okta.


There are 1 best solutions below


OKTA provides an authorization server to manage the identity of users. We can use OKTA to manage user identity for our web application.

Refer to the following steps to use OKTA to secure API in Azure API Management.

1. Create a new application in the OKTA developer portal.

2. Allow both Client Credentials and Authorization Code as grant types.

3. Copy the Client Secret and Client ID.

4. Register the OKTA authorisation server as an OAuth 2.0 service.

5. To secure the API, specify a JWT validation policy:

<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid.">
    <openid-config url="https://dev-374027.okta.com/oauth2/default/.well-known/oauth-authorization-server" />
    <required-claims>
        <claim name="aud" match="any">
        </claim>
    </required-claims>
</validate-jwt>

For more details, you could refer to this article and this one.
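The policy in the answer lists the `aud` claim without an expected value. The following is an added example, not part of the original answer, showing the same policy with the audience and a scope pinned; the audience `api://default` and the scope name `orders.read` are assumed placeholders to be replaced with the values configured on your Okta authorization server.

```xml
<!-- Added example: inbound policy fragment. Values marked "assumed" are placeholders. -->
<validate-jwt header-name="Authorization"
              require-scheme="Bearer"
              require-expiration-time="true"
              require-signed-tokens="true"
              failed-validation-httpcode="401"
              failed-validation-error-message="Unauthorized. Access token is missing or invalid.">
    <!-- Signing keys and issuer are taken from the Okta metadata document used in the answer -->
    <openid-config url="https://dev-374027.okta.com/oauth2/default/.well-known/oauth-authorization-server" />
    <required-claims>
        <!-- Assumed audience: must equal the Audience set on the Okta authorization server,
             so tokens issued for a different API are rejected -->
        <claim name="aud" match="any">
            <value>api://default</value>
        </claim>
        <!-- Assumed scope name: Okta access tokens carry granted scopes in the "scp" claim -->
        <claim name="scp" match="any">
            <value>orders.read</value>
        </claim>
    </required-claims>
</validate-jwt>
```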