<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Why the IDP Issuer URL Uses HTTP Instead of HTTPS in the Setup Instructions of a SAML Application

Last Updated:

Single Sign-On
Integrations
Okta Classic Engine
Okta Identity Engine

Overview

The issuer plays a crucial role in a Security Assertion Markup Language (SAML) assertion. The issuer is typically the Identity Provider (IdP), an entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying parties.


Security Assertion Markup Language (SAML) 

Applies To

  • IdP Issuer URL 
  • SAML Applications

Solution

The Issuer/Identifier ID in a SAML assertion must not be a valid URL path.
This HTTP part is not related to security. The value needs to match what the service provider is expecting.
However, the Assertion Consumer Service (ACS) URL must always be SSL and a valid URL.

Related References

Recommended content

Still looking for help?
Loading
Okta Support - Why the IDP Issuer URL Uses HTTP Instead of HTTPS in the Setup Instructions of a SAML Application