I am trying to create an OpenID Connect Integration under Security → Identity Providers → Configure OpenID Connect but I get a “403” error right after I fill out and submit the form.
What could be the problem?
@mesut the 403 sounds like a permissions issue, what does your admin role/permissions look like?
It is a trial account and I am Super Admin. I also get “step-authentication failure” along with 403.
I suspect this error is related to the step-up authentication that we require when creating/updating an Identity Provider (as this is a very privileged action) that is unable to challenge you for an additional authenticator for verification.
Can you try enrolling in a phishing-resistant authenticator, such as WebAuthn or Okta Verify, and then try to create your Identity Provider?
Hi @andrea,
This is what enrollment looks like and, as you can see, Okta Verify is mandatory. I use it already when I sign in but somehow I still get a “perform step-up authentication” error when trying to create the IdP.
I think I fixed the problem by increasing the “Authentication required every” attribute to 10 min. and also unchecking the create/modify identity providers protected action. Authentication required was 1 min. by default and because of that, I had to come to that setting right after re-authenticating.
I hope that will help someone in here because I was stuck with this for the last 3 weeks. That was frustrating but I did it. Thanks for the help @andrea