您应该在 Angular 应用程序中实现身份验证.由于 Oktai 是您的身份验证/SSO 服务，因此一般过程是用户将被重定向到 Okta 的登录页面进行登录，在用户输入凭据并且 Okta 验证凭据后，用户将使用代码重定向回您的 Angular 应用程序(如果使用授权代码)flow +PKCE) ，您的应用程序将向 Okta 服务发送请求，其中包含获取 ID 令牌和访问令牌的代码，访问令牌可用于访问受保护的 Web api.

You should implement authentication in your angular application . Since Oktais your authentication/SSO service , the general process is user will be redirect to Okta's login page to sign in , after user enter credential and the Okta validates the credential , user will redirect back to your angular application with code(if using Authorization code flow +PKCE) , your application will send request to Okta service with code for acquiring ID token and access token , access token could be used to access your protected web apis .

对于 Angular 应用程序，您可以使用 Okta AngularSDK 或 Okta Auth JavaScript SDK(Auth SDK 是较低级别的SDK 比 Okta Angular SDK).您可以参考下面的文章获取教程 &代码示例:

For angular application , you can use Okta Angular SDK or Okta Auth JavaScript SDK(The Auth SDK is a lower level SDK than the Okta Angular SDK) . You can refer to below article for tutorial & code sample :

https://developer.okta.com/quickstart/#/angular/nodejs/generic

这是另一篇文章，它提供了以 asp.net core web api 作为后端的详细步骤:

Here is another article which provide detail steps with asp.net core web api as backend :

https://developer.okta.com/blog/2018/04/26/build-crud-app-aspnetcore-angular

PKCE 流程概述:

https://developer.okta.com/文档/指南/implement-auth-code-pkce/overview/