PrashantS.12487 (Customer) asked a question.
We have configured SAML 2.0 IDP to authenticate users from external SP Which is rippling via OIDC app, At frontend we are using okta sign-in widget with embedded URL. So when user enter the email it's redirecting to the rippling for auth and once it's authenticated it's redirected to different Okta domain.
So when user try to login to the rippling it's redirected using following BASE URL which is correct one
But once user is authenticated it's redirecting to my dev base URL with 404 okta page Instead it should redirect user with above base url.
So I'm unable to figure out what is wrong in this case and how to correct it, Though same works for dev base URL.
Please tell me what i am doing wrong or what are the possible root cause for this issue.
Thanks !!
Hi @PrashantS.12487 (Customer) , Thanks for taking the time to reach out to the Okta Community!
See if you can get some SAML traces to help you track the flow. Get a trace for the successful flow and one for the failed, then see if you can find the discrepancies in URLs that might be causing the 404.
Here's a doc on how to get and user a SAML tracer:
https://developer.okta.com/docs/guides/saml-tracer/main/#example-saml-response
Hope it helps!
Thanks @Mihai Negoita - Okta (Okta, Inc.)
After checking the SAML traces i found that destination URL from the external IDP to okta is misconfigured that's why it's happening.