So, I'm trying to configure Okta as an identity provider, and I want to log in to the application using a workflow initiated by the service provider. I installed the SAML 2.0 template application in Okta and installed the entry point and SAML certificate from the service provider. The service provider initiates the workflow just fine: a pop-up window opens with the Okta login dialog. But as soon as the login is complete, I end up in the Okta portal with a list of my applications. What needs to happen is a redirect back to the service provider so that it can use the user ID to log in.
I followed the instructions for configuring IdP https://support.okta.com/entries/23364161-Configuring-Okta-Template-SAML-2-0-application
This is what my Okta config looks like
Application Label: App Name
Force Authentication: no
Name ID format: EmailAddress
Recipient: https://serviceprovider.com/_saml/validate/okta/
Audience Restriction: https://serviceprovider.com/
authnContextClassRef: Password Protected Transport
Destination: https://serviceprovider.com/_saml/validate/okta/
Response: signed
Assertion: signed
Request: uncompressed
Default Relay State: Leave blank since we are only doing the SP-initiated workflow
Post Back URL: https://serviceprovider.com/_saml/validate/okta/
Attribute Statements: none
Group Name: leave blank
Group filter: leave blank
I don’t see errors on the Okta portal or in the Okta admin panel, so I can’t understand why it does not complete the workflow and is not redirected back to the SP. Is there a place in Okta to see any errors that might be caused by the process?
Does anyone know what it could be?
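One way to see what the SP is actually being handed is to capture the POSTed SAMLResponse (browser dev tools on the Post Back URL) and compare its routing fields against the values in the Okta template above. The checker below is an added example, not Okta's or the SP's code; the XML it parses is a constructed, unsigned sample, and the trailing-slash mismatch in its Audience is deliberate to show the kind of difference a string comparison catches.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Values copied from the Okta template configuration in the post.
EXPECTED = {"destination": "https://serviceprovider.com/_saml/validate/okta/",
            "recipient": "https://serviceprovider.com/_saml/validate/okta/",
            "audience": "https://serviceprovider.com/"}

# Constructed sample response (no signature, placeholder IDs); not a real Okta message.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
  IssueInstant="2014-01-01T00:00:00Z" InResponseTo="_req1"
  Destination="https://serviceprovider.com/_saml/validate/okta/">
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2014-01-01T00:00:00Z">
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData InResponseTo="_req1"
          Recipient="https://serviceprovider.com/_saml/validate/okta/"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>https://serviceprovider.com</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def encode_for_post(xml_text):
    """Base64-encode XML the way it appears in the SAMLResponse form field."""
    return base64.b64encode(xml_text.encode()).decode()


def check_response(b64_response, expected=EXPECTED):
    """Decode a POSTed SAMLResponse and compare Destination, Recipient and Audience
    with the SP configuration. Returns a list of mismatches (empty means all match).
    Signature verification is deliberately left to the SP's SAML library."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != expected["destination"]:
        problems.append("Destination %r != %r" % (root.get("Destination"), expected["destination"]))
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    recipient = scd.get("Recipient") if scd is not None else None
    if recipient != expected["recipient"]:
        problems.append("Recipient %r != %r" % (recipient, expected["recipient"]))
    aud = root.find(".//saml:Audience", NS)
    audience = aud.text if aud is not None else None
    if audience != expected["audience"]:
        problems.append("Audience %r != %r" % (audience, expected["audience"]))
    if root.get("InResponseTo") is None:  # an SP-initiated reply must echo the AuthnRequest ID
        problems.append("no InResponseTo: response was not a reply to the SP's AuthnRequest")
    return problems


def sample_problems():
    return check_response(encode_for_post(SAMPLE_RESPONSE))
```

Run it against the real captured value instead of SAMPLE_RESPONSE; a non-empty list points at the field the SP's validator is most likely rejecting.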