HTTPS vs HTTP for ACS URL Skip to main content
https://support.okta.com/help/answers?id=9062a000000quizqa0&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Charles McBrideCharles McBride 

HTTPS vs HTTP for ACS URL

My SAML Service Provider uses HTTPS. When configuring the application in Okta, I provided the https url in the "Single Sign On URL" field for my application (settings screenshot below). But Okta is posting assertions to my service provider via plain HTTP. Is there a setting that I'm mising somewhere?

General SSO Settings

My ACS is detecting the difference in the url scheme and is throwing the following error:

The response was received at http://murphy.alertmedia.com/api/sso/saml instead of https://murphy.alertmedia.com/api/sso/saml (invalid_response)

I want assertions sent over HTTPS if possible, thanks for any help!
Alexandru PredaAlexandru Preda (Okta, Inc.)
Hello, 

Alex here with Okta's Customer Support Team.

Based on what we`re seeing the assertion should be sent over HTTPS.
However, we would need to further investigate you application`s setup on Okta`s end and also we would like to gather some logs and a SAML assertion, so I would recommend you opening a ticket with Okta Support so we can best assist you in your integration. 

Thank You,

Alexandru Preda
Technical Support Engineer
Okta Global Customer Care
Charles McBrideCharles McBride
Hey Alex, thanks for getting back to me. Our company provides a Verified Appliction in the App directory for our customers, but we don't use Okta for user management. So when I go to open a support case, I have no options in the "Okta Org" dropdown (see screenshot). How can I get around this to open a support case?

User-added image