The Okta Sign-In Widget version 4 or above breaks the F5 Virtual Private Network (VPN) thick client on Windows machines. The F5 Edge Client embedded browser fails to process the history.pushState method called by the widget router feature, which generates a JavaScript error. Disabling the router feature in the custom sign-in widget template resolves the error and allows the widget to render correctly.
- Okta Identity Engine (OIE)
- Okta Classic Engine
- Okta Sign-In Widget
- F5 BIG-IP Edge Virtual Private Network (VPN) Client 72.10.2020
The history.pushState method exists in most browsers and the F5 Edge Client, but it throws the following error when called:
Unspecified error
The F5 Edge Client embedded browser contains a bug or disables this method for security reasons. The Okta Sign-In Widget calls this method as part of the router feature, which is enabled by default. The router feature allows browser history forward and back buttons to navigate through the authentication flow.
How can Okta Administrators resolve the Unspecified error that is received by end users accessing the Sign-in widget?
Modify the custom sign-in widget template to disable the router feature for the F5 BIG-IP Edge Client and prevent the JavaScript error.
- Locate the following line in the custom sign-in widget template:
var config = OktaUtil.getSignInWidgetConfig();
- Add the following code immediately after the located line to disable the router feature when running within the F5 BIG-IP Edge Client:
if (navigator.userAgent.indexOf('Gecko EdgeClient') > 0) {config.features.router = false;}
NOTE: The router feature uses the browser history API to restore the saved state when a user presses the back button. The F5 client lacks a back button, and F5 forcibly disables the functionality for security reasons.
Related References
