Shibboleth SP & Okta IdP Redirect Looping

Cantor, Scott cantor.2 at
Wed Aug 5 17:20:35 UTC 2020

On 8/5/20, 12:52 PM, "users on behalf of Paul Carroll" <users-bounces at on behalf of pcarroll at> wrote:

>    Is there a specific cookie name that I should be looking for or does it depend on the IdP that is being used?

No, the SP cookies have nothing to do with the IdP. Loops don't depend on the IdP, they're a client/SP issue.

You have to compare traces to identify working vs. non-working payloads generally at the final resource access step, and this is assuming the native module half of the logs don't just tell you outright what it doesn't like, such as an address mismatch. The cookies might be fine and the network and SP settings are at fault.

-- Scott

More information about the users mailing list