The application using samly in dev mode is authenticating fine with Okta but when it redirects back to the app I am getting:
Plug.CSRFProtection.InvalidCSRFTokenError at POST /sso/auth/signin/okta_heimdall invalid CSRF (Cross Site Request Forgery) token, make sure all requests include a valid '_csrf_token' param or 'x-csrf-token' header
Does CSRF need to be disabled or is there a setting I am missing or possibly the redirect is wrong?
Hello,
The application using samly in dev mode is authenticating fine with Okta but when it redirects back to the app I am getting:
Plug.CSRFProtection.InvalidCSRFTokenError at POST /sso/auth/signin/okta_heimdall invalid CSRF (Cross Site Request Forgery) token, make sure all requests include a valid '_csrf_token' param or 'x-csrf-token' header
Does CSRF need to be disabled or is there a setting I am missing or possibly the redirect is wrong?