ScottC.38230 (Customer) asked a question.
Okta OpenID requires "state" but the RFC says recommended
I'm trying to set up my scale computing cluster to have admins auth against Okta.
I've created a custom OpenID, set the parameters as best I could figure out, but now requests get immediately redirected to:
The request being sent to Okta is:
Looking through the docs, it looks like Okta categorizes state as a required parameter but the OpenID Connect RFC lists it as Recommended.
I've open a request with the vendor but their position is anything other then ADFS/AzureADFS is not tested or supported so I don't know how much movement I'll get there.
I'm reasonably competent in SAML but Okta + OpenID is new to me,
Thanks!
Hi @ScottC.38230 (Customer) , Thank you for reaching out to the Okta Community!
There are a couple of tangential posts around the subject, but my advice would be to reach out to the dedicated Developer Forum devforum.okta.com to take advantage of their expertise.
While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features.
https://support.okta.com/help/s/question/0D51Y0000A5N3rJSQS/how-do-i-fetch-the-state-value-for-accessing-application-post-successful-authentication-through-openid-connect-authorization-endpoint?language=en_US
https://support.okta.com/help/s/question/0D54z00007fV0ZTCA0/state-value-is-not-present-in-redirectcallback-url?language=en_US
Hope my answer helps!
--------------------------------
Community members help others by clicking Like or Select as Best on responses. Try it today.
Thank you for the response. The issue appears to be that Okta deviates from the standard for OpenID Connect by requiring the state parameter, this seems like a bug or omission on Okta's end.
I've opened a case, we'll see what they say.
Thanks
Scott, have you found an answer? I am having exactly the same issue...