Hi,
To configure Okta as SAML service you have to follow this
documentation
http://developer.okta.com/standards/SAML/setting_up_a_saml_application_in_okta,
It seems like you did that and have the IdP up and running, you have to set
these setting in order to make it works
*Single Sign on Url *:
http://myhostaddress.com:8080/securityRealm/finishLogin
*Use this for Recipient URL and Destination URL*: Checked
*Audience URI (SP Entity ID)*:
http://myhostaddress.com:8080/securityRealm/finishLogin
*Name ID Fornat* : EmailAdress
*Application username*: Okta username
*Attribute Statements* - I did not specify any here
*Group Attribute Statements*: Name=Group Nameformat=Basic Filtertype=regex
Filter=.*
Jenkins:
*Security Realm*: SAML 2.0
*IdP Metadata* : Copied from Okta
*Display Name Attribute*: The default of (
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name)
*Group Attribute*: Group
*Username Attribute*: left blank
reviewing you configuration you set Request Binding to HTTP POST, this kind
of binding it is not yet suppported by SAML Plugin you have to use HTTP
Redirect Binding
El jueves, 20 de abril de 2017, 10:20:01 (UTC+2), st...@flugel.it escribió:
>
> I'm trying to configure okta with saml jenkins plugin
> https://wiki.jenkins-ci.org/display/JENKINS/SAML+Plugin
> But getting error Cannot find entity
> https://www.okta.com/saml2/service-provider/spibofbfpairxsdsimgc or role
> {urn:oasis:names:tc:SAML:2.0:metadata}
>
> there is my metadata
> xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="
> https://www.okta.com/saml2/service-provider/spibofbfpairxsdsimgc";>
> AuthnRequestsSigned="true" WantAssertionsSigned="true"
> protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
> use="encryption">http://www.w3.org/2000/09/xmldsig#
> ">MIIDpDCCAoygAwIBAgIGAVuJmnDlMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG
>
> A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
>
> MBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi03ODQxMTkxHDAaBgkqhkiG9w0BCQEW
>
> DWluZm9Ab2t0YS5jb20wHhcNMTcwNDIwMDQyMzExWhcNMjcwNDIwMDQyNDExWjCBkjELMAkGA1UE
>
> BhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNV
>
> BAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtNzg0MTE5MRwwGgYJ
>
> KoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
>
> lfVL/XL9lEftDwzL8oSWGzJq8jAWFdZgRRP0ufz7BcNhIQsUXGKnl5cf29Q7FZ5/nqybu5Pg0M3V
>
> Y3tBgDk8L6wDvsujyCxsZLwmek8jgrAb2Kk3HZY5y0yHkQSKQ2ASUBmvvx10MpYF1hsrPaZ2ZXqk
>
> IbWbI/XmzCsdPnWxRcPZ3AtLl1b0dB5G+vJ3TG2hlcoSHH2+MV3Zv/wRSTskBhsrpDwpHtz5BC7l
>
> gsSvtcd4FC5lCspD1SarZ9jguXCPcUgi7JkKWSYZOHRFFLYraG21CQwlNdb6MgulCTNyfM17i9sq
>
> IXbfIrO8YdGi0YCAoFX04p0tHP0lJbcf6KbNiQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAONbGS
>
> R/E99tsSARjOJQC2RO03jeyamRrUnNZVqL4S9zw49s7P0n9HakJ4Vb8H0aiOvVqNPwrkXmMuwjP7
>
> 9KCHbMDTGogo8CGxSl3bMJ3DNo+A/ecVaI4IgM6y4bCAst6f8EBopj39a7+r69HPU1fzqaPz2Cti
>
> CdZ07QiCt51B52eCU9TzdAdJLB1cCby3GfyAbszyTVS6ZFPoC814XF0K38u6pVz5Ab6dTQ5L1Jho
>
> iD4JTIJFN317io/0UsPwdLak325HjT7ufNxV+cR/zTedIvj8V6GEorfIYtGGUaq8M1xSqmwiJg0o
> YUEZhwOmNNHrRoqSWXGjEDzJKgtP1Fzn
> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
> use="signing">http://www.w3.org/2000/09/xmldsig#
> ">MIIDpDCCAoygAwIBAgIGAVuJmnDlMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG
>
> A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
>
> MBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi03ODQxMTkxHDAaBgkqhkiG9w0BCQEW
>
> DWluZm9Ab2t0YS5jb20wHhcNMTcwNDIwMDQyMzExWhcNMjcwNDIwMDQyNDExWjCBkjELMAkGA1UE
>
> BhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNV
>
> BAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtNzg0MTE5MRwwGgYJ
>
> KoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
>
> lfVL/XL9lEftDwzL8oSWGzJq8jAWFdZgRRP0ufz7BcNhIQsUXGKnl5cf29Q7FZ5/nqybu5Pg0M3V
>
> Y3tBgDk8L6wDvsujyCxsZLwmek8jgrAb2Kk3HZY5y0yHkQSKQ2ASUBmvvx10MpYF1hsrPaZ2ZXqk
>
> IbWbI/XmzCsdPnWxRcPZ3AtLl1b0dB5G+vJ3TG2hlcoSHH2+MV3Zv/wRSTskBhsrpDwpHtz5BC7l
>
> gsSvtcd4FC5lCspD1SarZ9jguXCPcUgi7JkKWSYZOHRFFLYraG21CQwlNdb6MgulCTNyfM17i9sq
>
> IXbfIrO8YdGi0YCAoFX04p0tHP0lJbcf6KbNiQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAONbGS
>
> R/E99tsSARjOJQC2RO03jeyamRrUnNZVqL4S9zw49s7P0n9HakJ4Vb8H0aiOvVqNPwrkXmMuwjP7
>
> 9KCHbMDTGogo8CGxSl3bMJ3DNo+A/ecVaI4IgM6y4bCAst6f8EBopj39a7+r69HPU1fzqaPz2Cti
>
> CdZ07QiCt51B52eCU9TzdAdJLB1cCby3GfyAbszyTVS6ZFPoC814XF0K38u6pVz5Ab6dTQ5L1Jho
>
> iD4JTIJFN317io/0UsPwdLak325HjT7ufNxV+cR/zTedIvj8V6GEorfIYtGGUaq8M1xSqmwiJg0o
> YUEZhwOmNNHrRoqSWXGjEDzJKgtP1Fznurn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedurn:oasis:names:tc:SAML:1.1:nameid-format:emailAddressurn:oasis:names:tc:SAML:2.0:nameid-format:persistenturn:oasis:names:tc:SAML:2.0:nameid-format:transient
> Binding="urn:oasis:names