
Login to Web Client Fails with Error 403--Forbidden In the Browser After Configured Settings for SAML 2.0 Integration with Okta (Doc ID 2964714.1)

Last updated on JANUARY 24, 2024

Applies to:

Oracle Agile Product Collaboration - Version 9.3.6.0 and later
Oracle Agile PLM Framework - Version 9.3.6.0 and later
Information in this document applies to any platform.

Symptoms

SAML 2.0 integration with Okta was configured in the WebLogic admin console to enable Single Sign On (SSO) access to Agile Product Lifecycle Management (PLM).
After this, accessing the Web Client URL redirects to the Okta login page successfully.
However, after the user authenticates at the Okta login page, instead of being routed to the Web Client page, the browser shows the error below:


Error 403--Forbidden
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.




The issue can be reproduced at will with the following steps:

  1. Access the Web Client URL: http(s)://{server_name}.{domain_name}:{port}/Agile/PLMServlet
  2. The URL is redirected to the Okta login screen.
  3. Provide the Okta username and password, and log in.
  4. The URL gets redirected to http(s)://{server_name}.{domain_name}:{port}/saml2/sp/acs/post, and the browser shows the 403 error.
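
The Solution headings listed on this page name the Entity ID and the certificate info in the assertion's key. The following added example (not Oracle's code) decodes a SAMLResponse form field captured from the POST to /saml2/sp/acs/post and lists which of those values differ from what the service provider side expects. The host name, entity IDs, certificate bytes and the function names are constructed placeholders, and the script performs no signature verification.

```python
import base64, hashlib
import xml.etree.ElementTree as ET

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def inspect_saml_response(b64_response):
    """Decode a captured SAMLResponse field; extract the values an SP checks.
    Diagnostic only: no signature verification, no encrypted assertions."""
    xml = base64.b64decode(b64_response)
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTDs are not allowed in SAML messages")
    root = ET.fromstring(xml)
    def text(path):
        return (root.findtext(path, namespaces=NS) or "").strip() or None
    cert = text(".//ds:X509Certificate")
    der = base64.b64decode("".join(cert.split())) if cert else None
    return {"destination": root.get("Destination"),
            "issuer": text(".//a:Assertion/a:Issuer"),
            "audience": text(".//a:Audience"),
            "cert_sha256": hashlib.sha256(der).hexdigest() if der else None}

def compare(found, expected):
    """Names of fields where the assertion differs from the expected config."""
    return [k for k in expected if found.get(k) != expected[k]]

# Constructed sample: placeholder host, entity IDs and "certificate" bytes.
FAKE_DER = b"constructed placeholder, not a real certificate"
SAMPLE = base64.b64encode(f"""<samlp:Response
  xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
  Destination="https://plm.example.com/saml2/sp/acs/post">
 <saml:Assertion><saml:Issuer>http://idp.example.com/issuer</saml:Issuer>
  <ds:Signature><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
   {base64.b64encode(FAKE_DER).decode()}
  </ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>agile-plm-sp-typo</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
 </saml:Assertion></samlp:Response>""".encode()).decode()

# What the service provider side is assumed to be configured with (constructed).
EXPECTED = {"destination": "https://plm.example.com/saml2/sp/acs/post",
            "issuer": "http://idp.example.com/issuer",
            "audience": "agile-plm-sp",
            "cert_sha256": hashlib.sha256(FAKE_DER).hexdigest()}

if __name__ == "__main__":
    print(compare(inspect_saml_response(SAMPLE), EXPECTED))
```

In the constructed sample only the audience differs, so the mismatch list points at the entity ID rather than the certificate.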


Changes

Configured settings for SAML 2.0 integration with Okta in the WebLogic admin console.

Cause



In this Document
Symptoms
Changes
Cause
Solution
 To fix the issue with Entity ID:
 To fix the issue with certificate info in the assertion's key:
References

