When configuring the NetSuite SAML application found in the Okta Integration Network (OIN), the following error message may be thrown on the NetSuite side when attempting to Single Sign-On (SSO) to the application:
Exception while processing SAML response: Issuer in Response is invalid
- NetSuite
- SAML Integration
- Okta Integration Network (OIN)
- Single Sign-On (SSO)
If integrating using the Okta verified NetSuite application from the OIN catalog, the error message may be caused by two different configuration options:
- The Entity ID on the Application side does not match the Okta Entity ID found on the Okta side.
- The Account ID on the Okta side does not match the Account ID found on the NetSuite side.
The steps below should help resolve the issue:
Entry ID Mismatch
Copy and save the metadata found in View SAML Setup Instructions as metadata.xml, and then proceed with Steps 14 through 15 of How to Configure SAML 2.0 for NetSuite.
Account ID Mismatch
On the NetSuite side, navigate to Setup > Company > Company Information and copy the Account ID. Then, on the Okta side, on the Sign-On tab, scroll down to the NetSuite Account ID field. Paste the copied Account ID value in this field.
