Hello again, After further investigation it looks like the issue is with the SAML endpoint. When I click on the IdP login button, I'm well redirected to the IdP login portal. I enter my login and the identity provider logs shows that the user is logged in but when I get redirected to edx I get the error 403.
It looks that I'm not redirecting to the right edx Url once logged in. Right now the IdP is configured to redirect to the LMS dashboard. My question is the next : To what end URL should the IdP redirect the user to ? I tried the LMS BASE and LMS/dashboard. I can't really find this information in edx.readthedocs unfortunately. Has someone encountered the same the issue ? Or can someone share to what URL he redirect the IdP requests to maybe ? Thanks in advance for your help Best Regards, Lucas Le mardi 12 mars 2019 12:01:02 UTC+1, Lucas Rittié a écrit : > > Hello everyone, > > I'm trying to follow the docs to integrate edx with Okta as a SAML service > Provider. (edx.readthedocs > <https://edx.readthedocs.io/projects/edx-installing-configuring-and-running/en/latest/configuration/tpa/tpa_integrate_open/tpa_SAML_IdP.html> > ) > > I'm working with edx latest release Hawthorn in the devstack environment. > > The site is configured with HTTPS & SSL Let's encrypt using a traefik > container. > > The issue is when I try to connect via Okta my third party auth, I get an > http 403 error.as below when redirected to edx. > > Forbidden (403) > > CSRF verification failed. Request aborted. > > You are seeing this message because this HTTPS site requires a 'Referer > header' to be sent by your Web browser, but none was sent. This header is > required for security reasons, to ensure that your browser is not being > hijacked by third parties. > > If you have configured your browser to disable 'Referer' headers, please > re-enable them, at least for this site, or for HTTPS connections, or for > 'same-origin' requests. > Help > > Reason given for failure: > > Referer checking failed - no Referer. > > > > > I've looked for similar issue but could't quite understand how people > solve this issue.My question is how to workaround this issue ? I'm not sure > if I have to modify edx default forms with crsf tags and which oneto modify > the form to include in the POST the right parameters. or else is there > another way to solve this. > > > Thanks in advance for your help, > Lucas > -- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/0d6c6fcb-df1f-46d2-acf0-7c67366779b2%40googlegroups.com.
