I’ve created an OKTA app where I have defined the login url on my service provider. When the request arrives to my service I have some general security logic on which I check the origin of the requests. I do so by check the origin header of the request. For some reason when I get the login request from OKTA the value of that header is null.
Is there some configuration controlling it? Is it a known issue? A bug?