<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00007tCsaISASOkta Classic EngineOkta Integration NetworkAnswered2020-08-20T12:54:22.000Z2020-02-25T11:10:36.000Z2020-04-02T02:05:16.000Z

DeepakM.23130 (Customer) asked a question.

February 25, 2020 at 11:10 AM
When I am trying to Single logout from Okta (Identity Provider) using auth0 (Service Provider), then we get status:AuthnFailed Error

Requested SAML

 

<samlp:LogoutRequest ID="_2c0f542fb163aab37627" Version="2.0" IssueInstant="2020-02-25T11:08:52Z" Destination="https://acrocorpxrm2.okta.com/app/acrocorporg701308_oktatest_1/exk27f14yxwgGj4DX4x6/slo/saml" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" > <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">urn:auth0:xrmdev:OktaTest</Issuer> <Signature xmlns="http://www.w3.org/2000/09/xmldsig*"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n*" /> <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more*rsa-sha256" /> <Reference URI="*_2c0f542fb163aab37627"> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig*enveloped-signature" /> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n*" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc*sha256" /> <DigestValue>5TEqHbUMbEOcwvXvgryUf6ayCyU5nCo2WnSAnKjbOMw=</DigestValue> </Reference> </SignedInfo> <SignatureValue>RiQoHZaEKgOilRh21XRbhOkXxNf+Hy3yNc1leN4HZ3bPZkczWuNr9n0NmtOkzzQavZqbwyvu51EcHv93itqroMfaZXMtfpLIvUMNpmANHAR1AGzZWAuyqDxmcmWnFQyNdNyWdMWvpaF4oSdpvc3ODzcmhBb9iCypqeQ9+gvgK2EGPxhx5mb8bu8KM7CeVF4DmZUgQoB/S+YVsZfSbhhvme263ELB/ycL1y9DI5MkTA2VbWGgzhEBgXakBp1GJg8iP675EGdcWpsCVe2V6gtofvDVLVTprDYYSNm3lECQeWBYwBVGSn3myoLnk1mUGr9TzOJQmPjxJk97mk6HIXO3Pg==</SignatureValue> <KeyInfo> <X509Data> <X509Certificate>MIIC+zCCAeOgAwIBAgIJTNH6eOpuns/aMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAMTEHhybWRldi5hdXRoMC5jb20wHhcNMTgwNTA4MDYyMjA1WhcNMzIwMTE1MDYyMjA1WjAbMRkwFwYDVQQDExB4cm1kZXYuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycbO8YTclk0Go1g82vQKn0rHCz2ZQ0C/KCFb7g7Z4D817+Cm8Ch9x9SW8GQtlBAt6UQRMkolVz2pU1xBGszEu3H4WLuFm5341h1++6csYicwgpj9NwSKRkMW0w9rZcqv20mcvVfz+smCyF2SyGmUJMewY3QD+1Eykd48oQ1z1LJUWb/u5MOG+iHy+q/9KK0NOGx9BofjE7BPAzlBdi0sO3/W+lfj56df2kttAKQNUCvKxbm6qT2gj0OnVENUu43vKrOAqE25T8DAcxp1rwHD9az9WQcXRVX8CI0sEbAFvKinyccb2vRUAHgXavf525vKIkMOtApCECwxMxCg+UBRFQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTjrYkC1EZ+E742f2VqjkRk+vhaVjAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAEYxueW5z7EjOUGr8F5zzW9GiK5QYM7j7TgBg8f49MMBp7oHC0Op64SW67GKdRVcfJ/S5qYBf7QugQykKdZ7c0OJ3S54VnKM0cKMAU3CZXCMCQIGZupw2kzgnAMU6EkoxZvXBYuuSNr9lUkS8EecNWoU+hVNWpN1CB4kfGHrRIr31GBQotnJYOHIbRf4usyd6hDs390D6bYljearBVsUf13MZvwvmGh5z/AuN4bsBvGP/ikhiA4O3c7c714ww2h2XhIcp5ix/Q2rdzr6f3KLILqUE1ui4x5wzeK2iCul22xLfDEquoI5hd5G6qR/rWOEx8Z2jS2NqXDmHR+ksz8I0bE=</X509Certificate> </X509Data> </KeyInfo> </Signature> <NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:x509SubjectName" >dmaurya@acrocorp.com</NameID> <samlp:SessionIndex>_839402bd443d3c77b352907d494ebbab</samlp:SessionIndex> </samlp:LogoutRequest>

 

 

Responded SAML

 

<saml2p:LogoutResponse Destination="https://xrmdev.auth0.com/logout" ID="id14301327604075092407419509" InResponseTo="_2c0f542fb163aab37627" IssueInstant="2020-02-25T11:08:53.223Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" > <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" >http://www.okta.com/exk27f14yxwgGj4DX4x6</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig*"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n*" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more*rsa-sha256" /> <ds:Reference URI="*id14301327604075092407419509"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig*enveloped-signature" /> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n*" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc*sha256" /> <ds:DigestValue>AqgGwvAjpVpi/17lUUlGC8EKFI5pl4V3TRuMHPaOZ1w=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>YYSGjdLJdiFkDnLDhnQT49tkZblY9NeJrBmZTFecIFwLb3rb78QGcAk4fQGmPLQqEggNGOYQOTgHC2rKCpvVTjnfl2bkWXlyMrNo+jztoqvgUFG6gldV/prkdYoirAh/TKP45NAezF4VW/dvzqR4lXfIvXzokdxodYmXpfHeMCb1wZBcWCnfam2/kcepA7sFvq2/X0LH+LiWaieYVRYuneN6sLI/2MsIfYEhcP5dETCZMD2cI1yOophB3tMwXV7fj6vEdHGA0T9NSQa1roEX21RsGY9pWz4ES54kEnxJXAdX9baBtrNTM1TeNHiQzlOc5pI1Rb4q6DlhuSYOLACZ/A==</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIDqDCCApCgAwIBAgIGAXA9kJFkMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYDVQQGEwJVUzETMBEG A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU MBIGA1UECwwLU1NPUHJvdmlkZXIxFTATBgNVBAMMDGFjcm9jb3JweHJtMjEcMBoGCSqGSIb3DQEJ ARYNaW5mb0Bva3RhLmNvbTAeFw0yMDAyMTMwNzU5NDlaFw0zMDAyMTMwODAwNDlaMIGUMQswCQYD VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsG A1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxFTATBgNVBAMMDGFjcm9jb3JweHJtMjEc MBoGCSqGSIb3DQEJARYNaW5mb0Bva3RhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4/SO4X0lYQESrDGSTCsTAe1ZXRz6E7HVw7ptATHhwpQSGbj32xRori7D4mZtHIYx1lyBxP OiAwPb7+wM1teF0vJqI6WHFaqu3mE41urAKgV98/CCUL6afub3IrV8K37LCwGveZXg9SDardgT4f XrSAdsK4c6xvkYsXBBzg/5Py/rP9BdkDSkSlQ01h7M31kf3v8fmqyB6xNTTSkHZDbvct9fDvmJP6 DNFzvuosil+0HYTM+VD9NzNaWl2FaSZaSOSMdl2SCxDZ+Se71ajHB9/yFglWn8BDHufQ26gVhuEv L4MwjDj+lftxxIaXS4h9CvozyZaa5enwKabZtOfGuk0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA VfgzrAgx1PRgPFqQyJgr8e7h4FU2JWqLpRtaMaXt/J1tDYRA77PD68WOT13Uaks8ElAhrE00RsL6 MnMKJn6WtIllRckSnd0s4uJehf7IcNtMbjY4CaPoBv+CuVXSH2iqPBlvqeMS/mG6xBWedJlJXywr 1M0ms8UUG3mEtLJw7zrBPipP5olqfGUoLDR582T0Jpk/OGVCks3hu+b54BCWL/HlnSCotC58CCbD 7Gr+t0XZam/hDWDnbQ3w/lRqWtK6MLnyP3H6ZiwzhxQJMeQkLmvShgL4UHSbNSdfmPyg6OIv1nQq 2S9kl6+4xXpIYNQolkE/YUj3KZWdsJE9wsjWfg==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"> <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:AuthnFailed" /> </saml2p:Status> </saml2p:LogoutResponse>

  • 1 answer
  • 917 views

  • molly.masterson1.5499146976511477E12 (Okta)

    Hey there! Sorry for the lack of response here on the Discussions forum. If you’re still looking for an answer, I would recommend checking out our Developer resources, including the Developer Forum (https://devforum.okta.com/) and documentation. If you are unable to find the solutions you're looking for there, we would encourage you to contact our dedicated Developer Support team at developers@okta.com, and they will be able to help you out.

    Expand Post
This question is closed.
Loading
When I am trying to Single logout from Okta (Identity Provider) using auth0 (Service Provider), then we get status:AuthnFailed Error