invalid_ticket -> http://10.100.2.55/auth/saml/callback

[rzvn2600]

Hi all,

We have an issue with the redirection from OKTA cu the application (kibana). If we execute the IP address directly, it redirects to okta, after authentication we get redirected to kibana and everything works fine.
The problem we experience is when we login to okta and execute the link to the kibana application, it redirects to http://10.100.2.55/auth/saml/callback and fails with the following message:

SAML:

POST ->
POST http://10.100.2.55/auth/saml/callback HTTP/1.1
Host: 10.100.2.55
HTTP/1.1 302 Moved Temporarily
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.12.2 Date: Mon, 15 Jan 2018 10:25:25 GMT Content-Type: text/html;charset=utf-8 Content-Length: 0 Connection: keep-alive Location: http://127.0.0.1:3311/
GET ->
GET http://127.0.0.1:3311/ HTTP/1.1
Host: 127.0.0.1:3311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Basically the redirection goes to 127.0.0.1:3311. But if we execute the IP of the machine directly, okta authentication is done and we get redirected to the Kibana UI without any issue.

Any ideas how we could debug this ?

Thanks

[lboyette-okta]

Thanks for filing a ticket! Unfortunately, the okta-auth-js library doesn't seem related to your problem. For problems with the Okta service, you can start a discussion on the developer forum or open a case with Okta support.