<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VGWSA3Okta Classic EngineOkta Integration NetworkAnswered2018-09-05T01:28:32.000Z2016-10-20T02:53:09.000Z2016-10-31T22:35:10.000Z

PietH.37941 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
SAML - HTTP-Redirect instead of HTTP-POST at Single Logout

Hi there!

 

I'm currently building an online php application for which I'm using Okta as Identity Provider. It's a mulit tenant app (tenants are recognized by url (ex. https://server.com/saml/{tenant}/login)).

 

Single Sign On is working just fine, but the fact that Single Logout doesn't work is becoming a big issue. I figured that it's because the library I use (onelogin/php-saml), only supports the HTTP-Redirect binding at SLO, but Okta sends a HTTP-POST response by default. Is there an option so that we Okta uses HTTP-Redirect instead of HTTP-POST?

 

Thanks in advance!

- Roban

 

BTW: Here is the error and stacktrace I constantly get: OneLogin_Saml2_Error in Auth.php line 211: SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding in Auth.php line 211 at OneLogin_Saml2_Auth->processSLO(false, null, true, object(Closure)) in Saml2Auth.php line 110 at Saml2Auth->sls(true) in Saml2Controller.php line 87 at Saml2Controller->sls('demo') at call_user_func_array(array(object(Saml2Controller), 'sls'), array('tenant' => 'demo')) in Controller.php line 80 at Controller->callAction('sls', array('tenant' => 'demo')) in ControllerDispatcher.php line 146 at ControllerDispatcher->call(object(Saml2Controller), object(Route), 'sls') in ControllerDispatcher.php line 94 at ControllerDispatcher->Illuminate\Routing\{closure}(object(Request)) at call_user_func(object(Closure), object(Request)) in Pipeline.php line 52 at Pipeline->Illuminate\Routing\{closure}(object(Request)) at call_user_func(object(Closure), object(Request)) in Pipeline.php line 102 at Pipeline->then(object(Closure)) in ControllerDispatcher.php line 96 ...
  • 1 answer
  • 6.44K views

  • ezazul.bhuiyan1.425670956216307E12 (Okta, Inc.)

    Hi Piet,

     

    Thank you for contacting Okta support. Looks liek there was a case previously opened for this issue with Case Number

    00218266

     

    I've researched this issue and Okta only sends a HTTP-POST response for single logout requests.

    If you require Okta to send a HTTP-Redirect or cannot alter your app to accept HTTP-POST, this is something Okta don't have with the current offering.

     

    Looks like you have already posted this on the community forum-

     

    https://support.okta.com/help/articles/Knowledge_Article/Submit-Product-Ideas-to-the-Okta-Community

     

    This area is regularly monitored by our Product Management team and if they find the feature request is popular, they might consider it as part of the product roadmap. 

     

    As part of our Support process, usually we will close out this support ticket as there is no further action require from support side. However, could you let me know if you have further concerns on this before we proceed to resolve this ticket?

     

    Thank You,

     

    Okta Global Customer Care
    Expand Post
This question is closed.
Loading
SAML - HTTP-Redirect instead of HTTP-POST at Single Logout