I have a React SPA which uses Auth0 for authentication. One of my clients uses Okta for SSO, and I want to configure a connection for SSO to my application from Okta.
I have configured the enterprise connection using https://auth0.com/docs/protocols/saml/identity-providers/okta. I tested the connection and it works.
I am now trying to integrate the connection with my SPA. My SPA uses the lock widget (version 11) and is not using a custom domain (authenticates via .auth0.com). The lock widget is embedded in my SPA (I am not using the hosted login page). I cannot seem to get this working, and couldn’t find a guide for it anywhere. There are a few things I am not sure I need:
Should I enable the SAML2 Addon? If so, what should I set as the application callback URL? (I set up the connection in Okta as SAML, according to the guide I mentioned above.)
When authenticating, I am having 2 issues:
If this is an IdP-initiated authentication, the authentication seems successful (I see it in the log), but then I am redirected to my application login page (with the lock widget), which requests me to log in (there is also an additional request parameter
If I try to initiate the connection through my application’s dashboard, the lock widget identifies my domain as an SSO domain and attempts to initiate an SSO with Okta. It accesses Okta but fails with the error: “The InResponseTo attribute does not match the id in the AuthNRequest” (in Okta I see it as a success).
What am I doing wrong? Is there some configuration required in the lock widget in order to enable the integration? If not, is there a guide I can follow on integrating SSO via Okta with my SPA?
Thanks in advance!