<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jiwSABOkta Classic EngineOkta Integration NetworkAnswered2024-04-17T09:59:46.000Z2017-09-19T21:44:44.000Z2017-09-19T21:44:44.000Z

1a9hs (1a9hs) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
HTTPS vs HTTP for ACS URL
My SAML Service Provider uses HTTPS. When configuring the application in Okta, I provided the https url in the "Single Sign On URL" field for my application (settings screenshot below). But Okta is posting assertions to my service provider via plain HTTP. Is there a setting that I'm mising somewhere?

 

0EM2A000000Drcl

 

My ACS is detecting the difference in the url scheme and is throwing the following error:

 

The response was received at http://murphy.alertmedia.com/api/sso/saml instead of https://murphy.alertmedia.com/api/sso/saml (invalid_response)

 

I want assertions sent over HTTPS if possible, thanks for any help!
  • 2 answers
  • 1.58K views

  • alexandru.preda1.485391231955779E12 (Okta, Inc.)

    Hello, 

     

    Alex here with Okta's Customer Support Team.

     

    Based on what we`re seeing the assertion should be sent over HTTPS.

    However, we would need to further investigate you application`s setup on Okta`s end and also we would like to gather some logs and a SAML assertion, so I would recommend you opening a ticket with Okta Support so we can best assist you in your integration. 

     

    Thank You,

     

    Alexandru Preda

    Technical Support Engineer

    Okta Global Customer Care
    Expand Post

  • 1a9hs (1a9hs)

    Hey Alex, thanks for getting back to me. Our company provides a Verified Appliction in the App directory for our customers, but we don't use Okta for user management. So when I go to open a support case, I have no options in the "Okta Org" dropdown (see screenshot). How can I get around this to open a support case?

     

    0EM2A000000Drgy
    Expand Post
This question is closed.
Loading
HTTPS vs HTTP for ACS URL