Thanks. In what encoding should be the saml response? Base64 or plain xml?
Yes I did it.
It finally worked for me. I made a mistake in "aveksaurl" value (authentication source configuration). To solve the problem I replaced "https://.../aveksa/command.submit?cmd=loginUser&authsource=saml_okta" by "https://.../aveksa/command.submit"
Thank you all.
Base64 encoding should be used
This is what the working example looks like from my lab. I use Postman to test and this is Postman's "Code” transformation to cURL.curl --location --request POST 'https://<igl-hostname>:<igl-port>/aveksa/command.submit?cmd=loginUser&authsource=<saml-auth-source-name>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
I tried both Postman and Curl but I get the same error message in my logs:
"WARN (default task-5) [com.aveksa.server.command.LoginUserCommand] Error occurred logging user null in with authprovider saml_okta"
However, with the same user, I have succeeded to authenticate through RSA IGL IHM, via the aveksa/main url.Here is an screenshot of my okta authentication's configuration.
Did you configure an additional IDP replying trust for this WebService endpoint as in step #2?
I was just about to reply saying you should remove all parameters from the aveksaurl (and similarly in your Okta configuration). Glad this is all resolved now!
I branched this to a separate question so it has can help others in the future.
Retrieving data ...