My Oracle Support Banner

OAM - OKTA Federation: Bad SAML request encountered while checking for ForceAuthn. (Doc ID 2397306.1)

Last updated on MAY 14, 2018

Applies to:

Oracle Access Manager - Version 11.1.2.3.3 and later
Information in this document applies to any platform.

Symptoms

 

OAM 11.1.2.3 BP12 - OKTA Federation :

 

 

SETUP
-----------------------

OAM is SP

OKTA is IDP.

 

SP initiated SSO fails as "Bad SAML request encountered while checking for ForceAuthn"

 

samlRequest=hZPbbuIwEIZfJfJeJ3ZCUKkFVGlRd5HoFi1pt9qbynVMsPAheEwDb78Oh6p7UfZ29P1z+GdmeLPTKnoXDqQ1I5QmBEXCcFtJU4/QU3kfD1AEnpmKKWvECO0FoJvxEJhWDS22fmV+ic1WgI9CIgO0AhmEK+8binHbtknbS6yrcUYIweQaB6pDvqETH4p9gaeY5B0eiA+6KztCW2eoZSCBGqYFUM/poniY0SwhlAEI58MwnyXNZU3jrLfcqrNk1yfkv4qlVCHIvHfybesFfQmijwQgvxzq5WG24CuhWSxNZywXKJqfGriV5mj8pdpvRwjoj7Kcx/PHRYmi6WSEZBXXm1v33LZ6MPtdL/O7IluTp956H08fm2Iz6cdFPKi/l/0cRc/njWfdxqcAWzE9tONDiKSDmOQxuS7Ta5r1aZb+QdEk7Fga5g+qbjYIwxldNYlde9Y48S5Fm3CrMWsafASZ0sw521bWWBc8qx3T0p/YV+sYV4JxLgA0M6wW7jXFYrcWK0W45S5TMl0uyOoKA1jcLRIdL48eGnbRvXWa+ct2dZFgzfKAhnPz0u/R+LQcbXLo5XmP0DRP0ytsmcZLUQ3xpyrnY/8ZEk0nc6sk30eFUra9c4L58BPebQXC46Pq368Y/wU=


ERROR
-----------------------
HTTP 400 Bad SAML Request




STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. OAM is configured as SP and OKTA as the IDP.
2. OAM/SP initiated SSO fails on the OKTA side with HTTP 400 error

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.