Team,
How to block SAML Replay attack to an OKTA integrated application.
The SAML response from Okta has the IssueInstant, NotBefore and NotOnOrAfter timestamps (usually, with a difference of 5 mins). So any replay after 5 mins is automatically void, unless your app does not honor NotOnOrAfter. If you are trying to implement some custom logic to not have the SAML replayed within the 5 mins window, you can probably add a logic that checks and tracks the SessionIndex which should be unique. But I would think that’s an overkill.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.