Okta .NET management SDK migration guide

This library uses semantic versioning and follows Okta's library version policy. In short, we don't make breaking changes unless the major version changes!

Migrating from 2.0.0 to 3.x

Version 3.0.0 of this library introduces a number of breaking changes from previous versions; in addition to new classes some class definitions are no longer backward compatible due to method renames and signature changes, see Breaking Changes.

Breaking Changes

The following is a list of changes that break backward compatibility in version 3.0.0.

Okta.Sdk.OktaClient

CreatedScoped(Okta.Sdk.RequestContext requestContext)
— Renamed CreateScoped(Okta.Sdk.RequestContext requestContext)

Okta.Sdk.GroupsClient

ListGroups(string q, string filter, string after, int limit, string expand)
— Signature changed ListGroups(string q, string filter, string after, int limit)
ListRules(int limit, string after, string expand)
— Renamed with new signature ListGroupRules(int limit, string after, string search, string expand)
CreateRuleAsync(Okta.Sdk.IGroupRule groupRule, CancellationToken cancellationToken)
— Renamed CreateGroupRuleAsync(Okta.Sdk.IGroupRule groupRule, CancellationToken cancellationToken)
DeleteRuleAsync(string ruleId, bool removeUsers, CancellationToken cancellationToken)
— Renamed with new signature DeleteGroupRuleAsync(string ruleId, CancellationToken cancellationToken)
GetRuleAsync(string ruleId, string expand, CancellationToken cancellationToken)
— Renamed GetGroupRuleAsync(string ruleId, string expand, CancellationToken cancellationToken)
UpdateRuleAsync(Okta.Sdk.IGroupRule groupRule, string ruleId, CancellationToken cancellationToken)
— Renamed UpdateGroupRuleAsync(Okta.Sdk.IGroupRule groupRule, string ruleId, CancellationToken cancellationToken)
ActivateRuleAsync(string ruleId, CancellationToken cancellationToken)
— Renamed ActivateGroupRuleAsync(string ruleId, CancellationToken cancellationToken)
DeactivateRuleAsync(string ruleId, CancellationToken cancellationToken)
— Renamed DeactivateGroupRuleAsync(string ruleId, CancellationToken cancellationToken)
GetGroupAsync(string groupId, string expand, CancellationToken cancellationToken)
— Signature changed GetGroupAsync(string groupId, CancellationToken cancellationToken)
ListGroupUsers(string groupId, string after, int limit, string managedBy)
— Signature changed ListGroupUsers(string groupId, string after, int limit)
RemoveGroupUserAsync(string groupId, string userId, CancellationToken cancellationToken)
— Renamed RemoveUserFromGroupAsync(string groupId, string userId, CancellationToken cancellationToken)

Okta.Sdk.PoliciesClient

ListPolicies(string type, string status, string after, int limit, string expand)
— Signature changed ListPolicies(string type, string status, string expand)
AddPolicyRuleAsync(Okta.Sdk.IPolicyRule policyRule, string policyId, bool activate, CancellationToken cancellationToken)
— Signature changed AddPolicyRuleAsync(Okta.Sdk.IPolicyRule policyRule, string policyId, CancellationToken cancellationToken)

Okta.Sdk.UserFactorsClient

AddFactorAsync(Okta.Sdk.IFactor factor, string userId, bool updatePhone, string templateId, int tokenLifetimeSeconds, bool activate, CancellationToken cancellationToken)
— Renamed with new signature EnrollFactorAsync(Okta.Sdk.IUserFactor body, string userId, bool updatePhone, string templateId, int tokenLifetimeSeconds, bool activate, CancellationToken ca ncellationToken)
ActivateFactorAsync(Okta.Sdk.IVerifyFactorRequest verifyFactorRequest, string userId, string factorId, CancellationToken cancellationToken)
— Renamed with new signature ActivateFactorAsync(Okta.Sdk.IActivateFactorRequest body, string userId, string factorId, CancellationToken cancellationToken)

Okta.Sdk.UsersClient

ListUsers(string q, string after, int limit, string filter, string format, string search, string expand)
— Signature changed ListUsers(string q, string after, int limit, string filter, string search, string sortBy, string sortOrder)
CreateUserAsync(Okta.Sdk.IUser user, bool activate, bool provider, Okta.Sdk.UserNextLogin nextLogin, CancellationToken cancellationToken)
— Signature changed CreateUserAsync(Okta.Sdk.ICreateUserRequest body, bool activate, bool provider, Okta.Sdk.UserNextLogin nextLogin, CancellationToken cancellationToken)
ListAppLinks(string userId, bool showAll)
— Signature changed ListAppLinks(string userId)
ListUserGroups(string userId, string after, int limit)
— Signature changed ListUserGroups(string userId)
ExpirePasswordAsync(string userId, bool tempPassword, CancellationToken cancellationToken)
— Signature changed ExpirePasswordAsync(string userId, CancellationToken cancellationToken)
ResetAllFactorsAsync(string userId, CancellationToken cancellationToken)
— Renamed ResetFactorsAsync(string userId, CancellationToken cancellationToken)
ResetPasswordAsync(string userId, Okta.Sdk.AuthenticationProviderType provider, bool sendEmail, CancellationToken cancellationToken)
— Removed; instead use any of the following:
- ForgotPasswordGenerateOneTimeTokenAsync(string userId, bool sendEmail, CancellationToken cancellationToken)
- ForgotPasswordSetNewPasswordAsync(Okta.Sdk.IUserCredentials user, string userId, bool sendEmail, CancellationToken cancellationToken)
- ExpirePasswordAsync(string userId, CancellationToken cancellationToken)
- ExpirePasswordAndGetTemporaryPasswordAsync(string userId, CancellationToken cancellationToken)
ListAssignedRoles(string userId, string expand)
— Renamed ListAssignedRolesForUser(string userId, string expand)
EndAllUserSessionsAsync(string userId, bool oauthTokens, CancellationToken cancellationToken)
— Renamed ClearUserSessionsAsync(string userId, bool oauthTokens, CancellationToken cancellationToken)

New Okta Clients

The following is a list of context specific clients that are new in version 3.0.0. Instances of each are available as properties of an OktaClient instance where the name of the property is the name of the type with the "Client" suffix removed.

Okta.Sdk.AuthorizationServersClient, see Authorization Servers API.
Okta.Sdk.EventHooksClient, see Event Hooks Management API.
Okta.Sdk.FeaturesClient, see Features API.
Okta.Sdk.IdentityProvidersClient, see Identity Providers API.
Okta.Sdk.InlineHooksClient, see Inline Hooks Management API.
Okta.Sdk.LinkedObjectsClient, see Linked Objects API.
Okta.Sdk.TemplatesClient, see Custom Templates API.
Okta.Sdk.TrustedOriginsClient, see Trusted Origins API.
Okta.Sdk.UserTypesClient, see User Types API.

Migrating from 0.3.3 to 1.x

The previous version of this library, Okta.Core.Client, has been rewritten from the ground up as Okta.Sdk (this project). This was done to improve stability and to add support for .NET Core alongside .NET Framework.

Because this was a breaking change, Okta.Sdk was published with version numbers starting from 1.0. The last published version of Okta.Core.Client is 0.3.3.

New configuration model

This library now supports a flexible configuration model that allows you to provide configuration in code, via a JSON or YAML file, or via environment variables.

The simplest way to construct a client is via code:

var client = new OktaClient(new OktaClientConfiguration
{
    OrgUrl = "https://{{yourOktaDomain}}",
    Token = "{{yourApiToken}}"
});

New method organization

In version 0.3.3, you had to create a new UsersClient() or call client.GetUsersClient() to get access to methods that operated on a User (for example). This has now been simplified to client.Users:

var vader = await client.Users.CreateUserAsync(...);

The Users object acts as a collection, so you can also do:

var allUsers = await client.Users.ToArray();

The readme in this repository contains a number of usage examples.

Async by default

In version 1.0 and above, every method that makes a network call is Task-returning and awaitable. Use await when calling these methods, and avoid using .Result or .Wait() unless absolutely necessary.

Authentication API support moved

In version 0.3.3, the AuthClient class provided the ability to call the Authentication API to log a user in with a username and password, or perform other tasks like enrolling and challenging factors during authentication. The object and security model of the Authentication API compared the rest of the management APIs (Users, Factors, Groups, etc.) is different enough that it made sense to split it into two libraries.

Starting with version 1.0, Authentication has been broken out into a separate library, the Okta .NET Authentication SDK.

Many applications can use our ASP.NET and ASP.NET Core middleware to log users in without needing to call the Authentication API directly, and we recommend only using the Authentication SDK in complex scenarios that can't be handled with the middleware or widget.

Getting help

If you have questions about this library or about the Okta APIs, post a question on our Developer Forum.

If you find a bug or have a feature request for this library specifically, post an issue here on GitHub.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

MIGRATING.md

MIGRATING.md

Okta .NET management SDK migration guide

Migrating from 2.0.0 to 3.x

Breaking Changes

New Okta Clients

Migrating from 0.3.3 to 1.x

New configuration model

New method organization

Async by default

Authentication API support moved

Getting help

Files

MIGRATING.md

Latest commit

History

MIGRATING.md

File metadata and controls

Okta .NET management SDK migration guide

Migrating from 2.0.0 to 3.x

Breaking Changes

New Okta Clients

Migrating from 0.3.3 to 1.x

New configuration model

New method organization

Async by default

Authentication API support moved

Getting help