This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OKTA stops working after upgrade to 2022 R2 from 2020 R2

Jump to solution
Muneer
By
Level 4

Following a recent upgrade of FNMS from 2020 R2 to 2022 R2, we have encountered issues with our Octa integration. It has come to our attention that Flexera has switched the SAML library from KentAuthService to Sustain.Saml2, resulting in the disruption of our integration.

We have taken the necessary steps to address this issue by providing all the relevant details in the SustainSys.Saml2 section and updating the Config WebUI.

However, upon accessing FNMS, we are being redirected to Octa and receiving a SAML response. Unfortunately, FNMS is reporting that the returned SAML response contains some mismatched data, but it is not explicitly stating the exact nature of the mismatch.

At this time, I am experiencing difficulties in identifying the exact cause of the mismatch.

 

The error showing up in the webui log 

Request afbb9677-ac93-4df1-a823-d4a7bc8001c9 failed referrer validation (reason: host and referrer URLs have mismatched scheme/host/port details). Host: 'https://sam.blahblah.ae/' Referrer/Origin: 'https://blahblah.okta.com/'
If the request is proxied through a load balancer that is terminating SSL connections, make sure it is setting the X-Forwarded-Proto header to 'https' OR the Front-End-Https header is set to 'on'

 

‎Mar 08, 2023 08:50 AM - edited ‎Mar 08, 2023 08:50 AM

0 Kudos
(1) Solution

Jump to solution
JohnTech
By Level 6 Flexeran
Level 6 Flexeran

Within the Okta app you will want to update the 'Recipient URL' and 'Destination URL' so that it has the same value as the 'Single Sign On URL'

I believe this can be found within the Okta app here:
applications > applications > general > SAML Settings

https://community.flexera.com/t5/FlexNet-Manager-Forum/OKTA-stops-working-after-upgrade-to-2022-R2-from-2020-R2/m-p/268613

View solution in original post

‎Mar 15, 2023 05:49 PM

(1) Reply

Jump to solution
JohnTech
By Level 6 Flexeran
Level 6 Flexeran

Within the Okta app you will want to update the 'Recipient URL' and 'Destination URL' so that it has the same value as the 'Single Sign On URL'

I believe this can be found within the Okta app here:
applications > applications > general > SAML Settings

https://community.flexera.com/t5/FlexNet-Manager-Forum/OKTA-stops-working-after-upgrade-to-2022-R2-from-2020-R2/m-p/268613

‎Mar 15, 2023 05:49 PM