<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z000092wqlYCAQOkta Classic EngineAdministrationAnswered2023-04-12T14:23:19.000Z2023-04-10T19:03:24.000Z2023-04-12T14:23:19.000Z

JoO.81138 (Customer) asked a question.

April 10, 2023 at 7:03 PM
saml-2-0-assertion-flow

Hello,

 

I am following the article "How to imlement the SAML 2.0 assertion flow" (https://developer.okta.com/docs/guides/implement-grant-type/saml2assert/main/*request-example).

I was able to configure my "default" Authorization server to enable the grant type "SAML 2.0 assertion":

 

/help/servlet/rtaImage?refid=0EM4z000005SbQW

 

However, that grant type is not available when updating or creating a new Application (Web server side or SPA) using OIDC:

/help/servlet/rtaImage?refid=0EM4z000005SbQl

What steps am I missing?

 

Thank you.

  • 2 answers
  • 419 views

  • TusharV.35363 (Customer)

    Hi Jo,

     

    It seems from console you can create only native type applications with SAML Assertion as a grant type, you need to create the SPA/Web type of application using the Dynamic Client Registration API to be able to use this grant type.

     

    This is mentioned in a note in the same article.

    Hope it helps

     

    Thanks

    Tushar Vatsa

    Expand Post
    Selected as Best

  • TusharV.35363 (Customer)

    Hi Jo,

     

    It seems from console you can create only native type applications with SAML Assertion as a grant type, you need to create the SPA/Web type of application using the Dynamic Client Registration API to be able to use this grant type.

     

    This is mentioned in a note in the same article.

    Hope it helps

     

    Thanks

    Tushar Vatsa

    Expand Post
    Selected as Best

    • JoO.81138 (Customer)

      Hello Tushar,

       

      Thank you for your reply and pointing out that note in the article - I missed it. I was following the steps in the admin console but you are right they are only for "Native Apps". For Web/SPA it seems we need go through the Okta API.

       

      Thanks a lot!

      Jo

      Expand Post
This question is closed.
Loading
saml-2-0-assertion-flow