I am facing issue of InResponseTo error. In my setup Auth0 is acting as SP and Okta as IDP, and the response from IDP goes first to our hosted url and then forwarded to Auth0.
I have setup a custom domain,
the request is initiated with this custom domain,
goes to IDP where IDP replies to our hosted ACS url (not Auth0) which forwards the SAML response to Auth0 (the custom domain)
Even though the InResponseTo attribute matches the ID in SAMLRequest - I get the error that it does not match. On what scope of InResponseTo depend and is there a way I can enable InResponseTo with my proxy setup?