I would like to open a new case:
The saml2 authentication on our site is working the first time it is referenced, resulting in an authenticated session.
However, when I use that same session to re-authenticate (using ForceAuthn=”true”), the sent url gets “ dev-106187.oktapreview.com refused to connect.”
I cannot see why there is any difference in the messages, so why is it failing to re-authenticate?
I have some more information on this problem:
If the authenticate request is sent from a main page in the browser, it works fine, even with ForceAuthn=true and when the user has already authenticated.
HOWEVER, when the authenticate request to Okta is sent from a dependent popup page, the connection is refused. Apparently, Okta requires a full page to render its login.
Is there some workaround for this?