SonarQube AUTH fails via Okta as IDP as a SAML identity provider

When trying to log in with SAML, I got the following issue:

You’re not authorized to access this page. Please contact the administrator.
Reason: The response was received at http://…/oauth2/callback/saml instead of https://…/oauth2/callback/saml

Note: SonarQube was installed on EKS by helm chart

Hey there.

Make sure you are setting the header

X-Forwarded-Proto https;

as noted in the documentation on Securing your Server behind a Proxy.
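
A simplified model of the check behind that error, added here as an illustration; it is not SonarQube's code and not part of the original posts. It shows why a TLS-terminating proxy that omits `X-Forwarded-Proto` produces the `http://` vs `https://` mismatch, and why the header should only be honoured from a known proxy. The host name, proxy network and function names are assumptions.

```python
from ipaddress import ip_address, ip_network
from urllib.parse import urlsplit

# Constructed values for this example: the pod network the ingress/proxy lives in.
TRUSTED_PROXIES = [ip_network("10.0.0.0/8")]


def effective_scheme(connection_scheme, peer_ip, headers):
    """Scheme the application should believe the browser used.

    X-Forwarded-Proto is client-controllable, so it is honoured only when the
    direct peer is a trusted proxy and the value is exactly http or https.
    """
    forwarded = headers.get("X-Forwarded-Proto", "").strip().lower()
    from_proxy = any(ip_address(peer_ip) in net for net in TRUSTED_PROXIES)
    if from_proxy and forwarded in ("http", "https"):
        return forwarded
    return connection_scheme


def received_url(connection_scheme, peer_ip, headers, path):
    """URL the application reconstructs for the request it just received."""
    scheme = effective_scheme(connection_scheme, peer_ip, headers)
    return f"{scheme}://{headers['Host']}{path}"


def check_destination(destination, received):
    """Return None when the SAML response arrived where the IdP sent it,
    otherwise a message in the style of the error quoted in the question."""
    d, r = urlsplit(destination), urlsplit(received)
    if (d.scheme, d.netloc.lower(), d.path) == (r.scheme, r.netloc.lower(), r.path):
        return None
    return f"The response was received at {received} instead of {destination}"


if __name__ == "__main__":
    dest = "https://sonarqube.example.com/oauth2/callback/saml"  # constructed
    path = "/oauth2/callback/saml"
    # TLS ends at the proxy, so the hop to the application is plain http.
    for hdrs in ({"Host": "sonarqube.example.com"},
                 {"Host": "sonarqube.example.com", "X-Forwarded-Proto": "https"}):
        print(check_destination(dest, received_url("http", "10.0.3.7", hdrs, path)))
```
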

It is working fine when logging in via SAML from the Sonar website…
But I still got an error when trying to open SonarQube from the Okta dashboard. I got the following issue:
[Screenshot: Screen Shot 2024-01-28 at 16.16.58]

and when I click on Home, it redirects to the SonarQube login page.

I suggest digging into your instance’s web.log file (log level can be increased from the global Administration > System > Log Level).

And, I’m curious, what URL is being hit when you initiate the login from your Okta dashboard? For example, our internal instance uses https://<url>/sessions/init/saml?return_to=/

From the logs I got the following issue:
“login failure [cause|Cookie ‘OAUTHSTATE’ is missing][method|OAUTH2]”
and found that IdP-initiated logins are not supported. We need to use an SP-initiated login URL…
So Okta as IdP can’t initiate logins to Sonar? And which SP are you using?

We managed to do IDP-initiated login internally, which is why I’m curious about this:

We use JumpCloud internally.