Apigee integrated portal with SAML okta login will get SAML message intended destination endpoint did not match recipient endpoint

I'm trying to use the integrated portal with an external SAML IDP, Okta. I have reviewed https://docs.apigee.com/api-platform/system-administration/enabling-saml-authentication-edge and created an app in Okta. Unfortunately, after login Apigee responds with a strange error: "SAML message intended destination endpoint did not match recipient endpoint"

Please review okta setup and saml-okta-apigee.zip HAR - what can be changed to match the endpoint?


@Arjav Goswami - FYI

I'm sorry you're experiencing this problem Serge.

The error message you are reporting is due to a known problem, and the team is working on a solution.

ref: b/138740579


Hey Serge, an update:

We've been looking through some things, and it's possible that if you try logging into your IDP App before everything is properly set up in Apigee Edge, Apigee Edge will get confused. It sure looks like a bug in the Apigee Edge SAML setup logic. But, if you follow the steps in this video, in this order, then you may be able to succeed with setting up SAML Okta Login.

click for screencast

I'm also having this issue. I followed the steps in the video in order. I am getting "SAML message intended destination endpoint did not match recipient endpoint"

I did not try to log into the IDP App until I had fully filled in the details on the SAML Identity Provider page and made sure my user was assigned to the application in Okta. I've tried this three times now, all with the same result.

@Arjav Goswami @arjavgoswami

Do you have any input here?