Okta SAML2 Metadata is Wrong

When creating a plain SAML2 application in Okta, it gives you the option/a link to the metadata URL. For example:

https://dev-68712571.okta.com/app/exkrbaovxrb4x9eX85d7/sso/saml/metadata

However, that XML does not contain the “entityID” attribute, which is a required attribute of the element, according to the SAML2 specification:

(I tried to include a screen shot to point this out, but the forum won’t let me, saying, “New user can only include one media item.” Shame on you. I’m trying to provide the most relevant information I can, so that we can help each other, yet you enforce a stupid rule like that. Ridiculous.)
See page 10 of the SAML specification:
“2.3.2 Element

entityID [Required] Specifies the unique identifier of the SAML entity whose metadata is described by the element’s contents.”

How can I report this as a bug and be able to track it and know when it gets fixed and released?

Note, this is from trying to create an application by first clicking the “Browse App Catalog” button, then searching for “SAML”. The “SAML Service Provider” app says, “Generic integration supporting any application that uses SAML 2.0”.

If instead I choose to add a new application and click the “Create App Integration” button and select “SAML 2.0”, then the metadata URL correctly has an “entityID” attribute.

I’m looking into this internally, but if you are seeing the correct values in a custom SAML app created using the “Create App Integration” button, then I would definitely recommend using that over the “SAML Service Provider” app in the OIN, at least for now.

Yes, I did create an app using the “Create App Integration”, then chose the “SAML2” option and went through the rest of the configuration process. The URL to the SAML2 metadata provided by that application correctly contains an “entityID” attribute and value.

Thanks.

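A way to check a downloaded metadata document for the problem reported in this thread before loading it into a service provider. This is an added example, not code from any of the posters or from Okta: the function name `check_entity_ids` is hypothetical and both sample documents are constructed.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
ENTITY = f"{{{MD_NS}}}EntityDescriptor"
ENTITIES = f"{{{MD_NS}}}EntitiesDescriptor"


def check_entity_ids(xml_text):
    """Return a list of problems; an empty list means every entity has an entityID."""
    # Assumption: the text was fetched over a trusted channel. Metadata from an
    # untrusted source should be read with a hardened XML parser instead.
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag not in (ENTITY, ENTITIES):
        return [f"unexpected root element {root.tag!r}"]
    problems = []
    # iter() yields the root itself as well as descriptors nested in an aggregate.
    for n, ent in enumerate(root.iter(ENTITY), start=1):
        entity_id = ent.get("entityID")
        if entity_id is None:
            problems.append(f"EntityDescriptor #{n}: entityID attribute is missing")
        elif not entity_id.strip():
            problems.append(f"EntityDescriptor #{n}: entityID is empty")
        elif len(entity_id) > 1024:  # the metadata schema caps entityID at 1024 chars
            problems.append(f"EntityDescriptor #{n}: entityID exceeds 1024 characters")
    return problems


# Constructed samples, not copied from any Okta tenant.
WITHOUT_ID = (
    f'<md:EntityDescriptor xmlns:md="{MD_NS}">'
    '<md:IDPSSODescriptor '
    'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>'
    "</md:EntityDescriptor>"
)
WITH_ID = WITHOUT_ID.replace(
    "<md:EntityDescriptor ",
    '<md:EntityDescriptor entityID="https://idp.example.com/saml" ',
    1,
)

if __name__ == "__main__":
    for label, doc in (("without entityID", WITHOUT_ID), ("with entityID", WITH_ID)):
        print(label, "->", check_entity_ids(doc) or "ok")
```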