Okta Classic Engine | Single Sign-On | Answered | 2024-03-25T22:45:57.000Z | 2021-06-08T11:56:53.000Z | 2021-06-14T19:45:38.000Z

9jr88 (9jr88) asked a question.

Okta SAML Post response not sent if the user has to login to their Okta account

Hello all,

 

I am having an issue with the Okta SAML Post response not being sent after the Okta user logs into their account, but the Okta SAML Post response is sent if the Okta user is already logged in.

 

This works (user already logged into their Okta account):

 

  • service sends the user to login via the Provider Single Sign-On URL
  • the user is already logged into their Okta account
  • the SAML Post response is sent from Okta
  • service validates the response and logs the user into the service

 

This does not work (user is not logged into their Okta account):

 

  • service sends the user to login via the Provider Single Sign-On URL
  • the user logs into their Okta account, using Google account to login
  • the SAML Post response is never sent from Okta

 

I am using a developer account for the Okta SAML integration and have assigned the dev account as a user to the service App.

 

Is there a config setting somewhere that can resolve this issue?

 

Alex


  • Hello Alex,

     

    I hope you are great! Mario here.

    Due to security reasons the "POST" HTTP method does not save logs (See the image in this link).

    Logs will not be seen when the user is logged out of the org, but logs will be kept when logged in.

    What is needed, since this is a customer application, in your developed app (App side) is to make sure the endpoints accept the POST, GET, etc. This is because the destination URL configured on the Okta app will send the request.

    On the Okta app side, you need to make sure the custom app's SSO, Recipient, and Destination are the correct URLs. Those could be the same, or if you configure any different one you should provide them.

    You can open a developer/support case in order to check if it is possible to select or add the POST for the login to URL, so when the user logs in you can see the POST logs outside of the organization.

     

    Regards,

This question is closed.
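The reply's point that the SSO, Recipient and Destination URLs must be correct can be checked on the service side against a captured `SAMLResponse` form value. The following is an added example, not code from the thread or from Okta; the ACS URL `https://service.example.com/saml/acs` and the unsigned sample response are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: hypothetical ACS URL and a minimal, unsigned SAML Response.
ACS_URL = "https://service.example.com/saml/acs"
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://service.example.com/saml/acs">
  <saml:Assertion><saml:Subject>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData Recipient="https://service.example.com/saml/acs/"/>
    </saml:SubjectConfirmation>
  </saml:Subject></saml:Assertion>
</samlp:Response>"""
SAMPLE_POST_VALUE = base64.b64encode(SAMPLE_XML.encode()).decode()


def check_response_urls(saml_response_b64, acs_url):
    """Return a list of mismatches between the response's URLs and acs_url.

    Diagnostic only: it does not verify the signature, conditions or audience,
    so it must not be used to decide whether to log a user in.
    """
    try:
        root = ET.fromstring(base64.b64decode(saml_response_b64))
    except (ValueError, ET.ParseError) as exc:
        return [f"SAMLResponse is not base64-encoded XML: {exc}"]
    if root.tag != f"{{{NS['samlp']}}}Response":
        return [f"unexpected root element {root.tag}"]
    problems = []
    destination = root.get("Destination")
    if destination != acs_url:  # exact comparison: a trailing slash counts
        problems.append(f"Destination {destination!r} != ACS URL {acs_url!r}")
    data = root.findall(".//saml:SubjectConfirmationData", NS)
    if not data:
        problems.append("no SubjectConfirmationData found (assertion may be encrypted)")
    for el in data:
        if el.get("Recipient") != acs_url:
            problems.append(f"Recipient {el.get('Recipient')!r} != ACS URL {acs_url!r}")
    return problems


if __name__ == "__main__":
    for line in check_response_urls(SAMPLE_POST_VALUE, ACS_URL) or ["URLs match"]:
        print(line)
```

In the constructed sample the Destination matches but the Recipient carries a trailing slash, so one mismatch is reported.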