SAML authentication handler contains unsafe inline script - Unable to redirect to Okta login page

Question

We are using a nonce worker to avoid loading inline scripts,
But SAML authentication handler contains a form that redirects to the OKTA login page.
This form includes an unsafe inline script, which prevents the page from rendering and redirects to the OKTA login page.

Any one have faced this issue?

TarunKumar · Accepted Answer

HI @rajsamala-hgs ,Please check server side configuration for SAML Authentication handler generally we configure a SAML authentication handler in AEM to act as a proxy for Okta authentication. This handler will redirect users to Okta's login page, handle the OAuth 2.0 PCKE flow, and exchange the authorization code for an access token and ID token. Also, utilize Sling Resource Access Control (Sling RAC) to protect specific routes or resources. Configure Sling RAC rules to restrict access to these protected areas based on the presence of a valid Okta access token.-Tarun

kautuk_sahni · Answer

@rajsamala-hgs Did you find the suggestion helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded