Hello! I've had PaloAlto/Okta captive portal authentication working for awhile now. I recently upgraded Okta to Okta Identity Engine, and also upgraded my PA to the latest 10.x.x version. One of those upgrades appears to have broken the Okta/PA integration. SP initiated authentications STILL WORK. IDP initiated authentications do NOT WORK - they redirect to Okta for entering credentials, and then hang on the re-direct back to the PA. i.e, they hang on:
https://xxxxxxxx.okta.com/login/token/redirect?stateToken=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The Okta logs show only successful authentications, and no errors. Thus Okta support says the issue is outside of their control.
Any suggestions?
Thank you!
... View more