<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z000085h5YwCAIOkta Classic EngineSingle Sign-OnAnswered2024-05-16T20:05:12.000Z2022-09-13T06:21:01.000Z2022-09-27T11:31:50.000Z

l0dsl (l0dsl) asked a question.

September 13, 2022 at 6:21 AM
SAML IdP-initiated request failed with no information

We are currently conducting our tests with a trial account on Okta with following information:

https://trial-4299552.okta.com

 

For SP-initiated, connection is flawless and everything works properly.

But, for IDP-initiated, it does not connect and, unfortunately, the error we receive does not provide us with a useful clue. The error is as follows:

 

Login Failed, 400 Bad Request, Error Code: GENERAL_NONSUCCESS

 

We also analyzed the System Log, which exists in the Report menu, but no failed log can be found.

 

Please, find attached the files regarding SAML Request and SAML Response to the SP-initiated case with the successful connection:

 

OKTA_SP-initiated_SAMLRequest_params_SUCCESS.txt

OKTA_SP-initiated_SAMLRequest_SUCCESS.txt

 

as well as the files regarding SAML Response to the IDP-initiated case with the failed connection:

 

OKTA_IDP-initiated_SAMLResponse_params_FAILED.txt

OKTA_IDP-initiated_SAMLResponse_FAILED.txt

OKTA_IDP-initiated_SAMLResponse_web_FAILED.png

 

We need a detailed, more helpful error for SAML Response to IDP-initiated, so that we will be able to debug it.

  • 7 answers
  • 586 views

  • l0dsl (l0dsl)

    posted a file.
    • Unknown file type
      The file is no longer available.

  • l0dsl (l0dsl)

    posted a file.
    • Unknown file type
      The file is no longer available.

  • l0dsl (l0dsl)

    posted a file.
    • Unknown file type
      The file is no longer available.

  • l0dsl (l0dsl)

    posted a file.
    • Unknown file type
      The file is no longer available.

  • Paul S. (Okta, Inc.)

    Hello @l0dsl (l0dsl)​ Thank you for reacting out to our Community!

     

    Usually "General nonsuccess" error indicates that there is a problem finding the account you are trying to use or the account does not exist. In the file attached I am unable to spot a value for First name, since the main 4 attributes for Okta are Username/NameID, email, First name and Last name, which could cause this issue. If one of the attributes is causing the problem, then this is should be reflected in the system log.

    This could also be caused by the state of the user, user might be in password reset state.

     

    The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.

    Expand Post

  • l0dsl (l0dsl)

    But in the attached file (OKTA_IDP-initiated_SAMLResponse_FAILED.txt), there are the attributes with their values you mentioned (NameID, email, lastName, firstName):

     

    Image is not available

    Expand Post
This question is closed.
Loading
SAML IdP-initiated request failed with no information