SAML issues using OKTA with NGNIX

I am currently using SonarQube 9.2, I have NGNIX setup and am trying to setup OKTA.

I have gone though the configuration with our OKTA admin and when I attempt to login using SAML I get the following error in my web.log:

==> web.log <==

2022.01.25 20:00:40 ERROR web[AX21XrNzNxXlmcQ7AJS6][c.o.s.a.SamlResponse] The response was received at instead of
2022.01.25 20:00:40 ERROR web[AX21XrNzNxXlmcQ7AJS6][c.o.saml2.Auth] processResponse error. invalid_response

I am not sure if this is a misconfiguration of NGNIX or something else I am also seeing this above:

2022.01.25 20:02:55 ERROR web[AX21XrNzNxXlmcQ7AJTT][c.o.saml2.Auth] processResponse error.SAML Response not found, Only supported HTTP_POST Binding
2022.01.25 20:02:55 WARN  web[AX21XrNzNxXlmcQ7AJTT][o.s.s.a.AuthenticationError] Fail to callback authentication with 'saml'
java.lang.IllegalStateException: Fail to process response
        at org.sonar.auth.saml.SamlIdentityProvider.processResponse(

Hey there.

Make sure you are setting the header

X-Forwarded-Proto https;

as noted in the documentation on Securing your Server behind a Proxy.

At the very least, let’s make sure you make it past the current error before diving deeper in the logs :slight_smile:

I am already setting that in my NGNIX configuration

    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto https;

I am still getting the same error in my web.log

Anyone else have any ideas I am still stuck


Maybe this thread will help:

Also this:


Not really one of the links you gave me shows the exact error I am seeing and there is no resolution in that forum post.

Additional log files if helpful:


=> web.2022-01-24.log <==
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(
	at java.base/java.util.concurrent.ThreadPoolExecutor$
	at org.apache.tomcat.util.threads.TaskThread$
	at java.base/
Caused by: com.onelogin.saml2.exception.Error: SAML Response not found, Only supported HTTP_POST Binding
	at com.onelogin.saml2.Auth.processResponse(

I need to create a user on the sonarqube side right to login? I have done that and it still does not work.