Shibboleth SP & Okta IdP Redirect Looping
Cantor, Scott
cantor.2 at osu.edu
Wed Aug 5 17:20:35 UTC 2020
On 8/5/20, 12:52 PM, "users on behalf of Paul Carroll" <users-bounces at shibboleth.net on behalf of pcarroll at nfmail.net> wrote:
> Is there a specific cookie name that I should be looking for or does it depend on the IdP that is being used?
No, the SP cookies have nothing to do with the IdP. Loops don't depend on the IdP, they're a client/SP issue.
You have to compare traces to identify working vs. non-working payloads generally at the final resource access step, and this is assuming the native module half of the logs don't just tell you outright what it doesn't like, such as an address mismatch. The cookies might be fine and the network and SP settings are at fault.
-- Scott
More information about the users
mailing list