SAML fails on top level domain test level only, why? Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Garth HuelsGarth Huels 

SAML fails on top level domain test level only, why?

We are receiving "Could not validate SAML response" and redirect back to Okta when clicking the chiclet for the top level Test instance only.

Detail: We have 4 chiclets pointing to ServiceNow instances
  • - - production instance, authenticates fine
  • - - hr portal built on production instance, authenticates fine
  • - - test instance "Could not validate SAML response"
  • - - hr portal built on test instance, authenticates fine

I am the ServiceNow admin, not the Okta admin, so pardon my ignorance, but I worked with the Okta admin and verified that the configuration looks identical, other than "test" added to the url. He said he doesn't do much configuration for the top level urls, just enters them in and uses the default Okta setup. The HR pages have a lot more configuration detail (customization).

The setup is identical between the instances on the ServiceNow side, down to the Okta API key, which the Okta admin doesn't know why we even have one entered as there is no key entered in Okta for either instance.

So, where should I be looking to find the reason why only the test instance fails, only at the top level url? Thanks!
Matt MaherMatt Maher (Okta, Inc.)
Hi Garth,
I think it would be best if you opened a Support Ticket with us regarding this issue. We will need to gather more specific details about your setup and a private support ticket is the best approach. Let me know if you have any other questions.
Garth HuelsGarth Huels
Thanks, I'm working with ServiceNow support at the moment, will open a ticket if I still can't figure out what's going on (which is likely ;-) )