[SAML] Cannot have IdP initiated login and SP initiated login at the same time with Okta

orsifacundo · March 9, 2021, 2:07pm

Hi! I’ve followed the SSO blogpost to configure SAML with Okta and it works fine but the problem is that:

When configuring the ACS URL on Okta (Single Sign On URL parameter) as /_opendistro/_security/saml/acs/ then it will only let me authenticate as SP initiated login.
When configuring the ACS URL on Okta (Single Sign On URL parameter) as /_opendistro/_security/saml/acs/idpinitiated then it will only let me authenticate as IdP initiated login.

Is this suppose to work like this? Is there any workaround to have both authentication flows at the same time? I tried creating 2 apps on Okta and 2 configs on Open Distro with different order but it doesn’t work.

Regards.

pablo · March 10, 2021, 2:23pm

What odfe version are you testing this?

orsifacundo · March 10, 2021, 3:12pm

Hi Pablo, I’m using ODFE v 1.11.0 but is the same with 1.11.2.

Regards.

Topic		Replies	Views
Okta SSO not working as expected Security troubleshoot	5	934	May 18, 2022
SAML does not work with Okta or Azure AD. PLEASE HELP! Security	4	832	May 28, 2021
Google Workspace (aka G-Suite) enable both SP- and IdP-initiated authentication SSO with OpenSearch Security configure	2	1660	March 3, 2023
Okta/Saml authentication Security	3	1356	July 8, 2021
Anyone have OpenID Connect SSO integration working with Okta? Security	1	872	February 3, 2020

[SAML] Cannot have IdP initiated login and SP initiated login at the same time with Okta

Related topics