
24400 (24400) asked a question.
I need to add Okta as an external identity provider in Azure Active Directory. I created a SAML IdP application in Okta and have configured the IdP metadata in Azure as well. When trying to log in, Azure fails to validate the SAML response and gives the error [AADSTS500089: SAML 2.0 assertion validation failed: SAML token is invalid].
Please can anyone help me with this issue?
Please check the attachment of the IdP app created in Okta.

Hello @24400 (24400)
I hope you are having a great day.
Thank you for reaching out to us for help with your setup. Most of the time this error message occurs because Okta does not pass keys for this token, but this is by design.
If you wish, you can use the introspect API request https://example.okta.com/oauth2/v1/introspect to validate this access token remotely.
You can learn more about this topic using the link below:
https://support.okta.com/help/s/article/Signature-Validation-Failed-on-Access-Token
Have a great day ahead
Regards
Henry Esquivel
Okta Inc
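
For the SAML error in the question, an added troubleshooting example (not part of either post and not Okta or Microsoft code): it decodes a captured base64 `SAMLResponse` and reports mismatches in the fields a service provider checks during assertion validation. The function name, its parameters and every value in the sample are assumptions; the sample XML is constructed.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def parse_ts(value):  # SAML xs:dateTime values are UTC, e.g. 2024-01-01T10:00:00Z
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def check_saml_response(b64_response, expected_issuer, expected_audience, now):
    """List mismatches in a base64 SAMLResponse; `now` must be timezone-aware."""
    root = ET.fromstring(base64.b64decode(b64_response))
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return ["no unencrypted Assertion element in the response"]
    findings = []
    issuer = assertion.findtext("a:Issuer", default="", namespaces=NS).strip()
    if issuer != expected_issuer:
        findings.append(f"issuer {issuer!r} != expected {expected_issuer!r}")
    audiences = [e.text.strip() for e in assertion.iterfind(".//a:Audience", NS) if e.text]
    if expected_audience not in audiences:
        findings.append(f"audience {audiences} lacks {expected_audience!r}")
    cond = assertion.find("a:Conditions", NS)
    if cond is not None:
        nb, na = cond.get("NotBefore"), cond.get("NotOnOrAfter")
        if nb and now < parse_ts(nb):
            findings.append("assertion not yet valid (NotBefore)")
        if na and now >= parse_ts(na):
            findings.append("assertion expired (NotOnOrAfter)")
    # Presence check only: this does not verify the signature cryptographically.
    if assertion.find("ds:Signature", NS) is None and root.find("ds:Signature", NS) is None:
        findings.append("neither Response nor Assertion carries a ds:Signature")
    return findings

# Constructed sample: every identifier below is a placeholder, not from the thread.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Assertion>
  <saml:Issuer>http://idp.example/issuer</saml:Issuer>
  <saml:Conditions NotBefore="2024-01-01T10:00:00Z" NotOnOrAfter="2024-01-01T10:05:00Z">
   <saml:AudienceRestriction><saml:Audience>urn:example:sp</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
 </saml:Assertion>
</samlp:Response>"""
SAMPLE = base64.b64encode(SAMPLE_XML.encode())
```

Pass the issuer and audience values from your own IdP and service provider configuration; an empty list means none of these checks found a mismatch.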