My SAML Service Provider uses HTTPS. When configuring the application in Okta, I provided the https url in the "Single Sign On URL" field for my application (settings screenshot below). But Okta is posting assertions to my service provider via plain HTTP. Is there a setting that I'm mising somewhere?
My ACS is detecting the difference in the url scheme and is throwing the following error:
The response was received at http://murphy.alertmedia.com/api/sso/saml instead of https://murphy.alertmedia.com/api/sso/saml (invalid_response)
I want assertions sent over HTTPS if possible, thanks for any help!
Based on what we`re seeing the assertion should be sent over HTTPS. However, we would need to further investigate you application`s setup on Okta`s end and also we would like to gather some logs and a SAML assertion, so I would recommend you opening a ticket with Okta Support so we can best assist you in your integration.
Alexandru Preda Technical Support Engineer Okta Global Customer Care
Hey Alex, thanks for getting back to me. Our company provides a Verified Appliction in the App directory for our customers, but we don't use Okta for user management. So when I go to open a support case, I have no options in the "Okta Org" dropdown (see screenshot). How can I get around this to open a support case?