fmnh7 (fmnh7) asked a question.
Hi there
We are desperately trying to correctly perform a SLO (Single LogOut) from our application.
We are using nodejs passport-saml module to perform SAML SSO authentication.
From Okta's dashborad, we configured the application to allow it to initiate Single LogOut.
We configured the same certificate provided by Okta as Signature Certificate (okta.cert).
On the server side, we provided the application with the logout URL generated by Okta. Here is our passport-saml Strategy config:
When we initiate the logout, we are receiving the SAML POST Request in the callback configured above, but it seems that the user session is still alive. When checking the logs we got this error:
Any Idea? What are we missing?
Help appreciated.
Louis
As a side note, the logout worked perfectly on MS Azure SAML. And the idea was to migrate from Azure to Okta.
Hi Louis,
Thank you for reaching out to us! It seems you uploaded the wrong cert, it should be the application certificate, not Okta's try replacing it and try again afterwards, should work fine. Also make sure the issuer is correct as well.
Thank you, if you have any further concerns please open a support case with us.