Team,
How do I block SAML replay attacks against an Okta-integrated application?
The SAML response from Okta has the IssueInstant, NotBefore and NotOnOrAfter timestamps (usually with a difference of 5 mins). So any replay after 5 mins is automatically void, unless your app does not honor NotOnOrAfter. If you are trying to implement some custom logic so that the SAML cannot be replayed within the 5-min window, you can probably add logic that checks and tracks the SessionIndex, which should be unique. But I would think that’s overkill.
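The two checks described in that answer, as an added example that is not from Okta or the original thread: the service provider enforces the NotBefore/NotOnOrAfter window (with a small clock-skew allowance) and remembers the assertion's unique ID until that window closes, so a second presentation of the same assertion inside the window is rejected. The sample assertion, the 60-second skew and the use of the assertion ID attribute as the replay key are assumptions; signature verification is assumed to have already happened before this code runs.

```python
import datetime as dt
import xml.etree.ElementTree as ET  # use defusedxml for untrusted input in production

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLOCK_SKEW = dt.timedelta(seconds=60)  # assumed tolerance between IdP and SP clocks

# Constructed sample; a real Okta assertion would be signed and much larger.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-assertion-1" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z"/>
  <saml:AuthnStatement SessionIndex="constructed-session-1"/>
</saml:Assertion>"""


def parse_ts(value):
    """SAML timestamps are xs:dateTime in UTC with a trailing Z."""
    return dt.datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=dt.timezone.utc)


def at(hour, minute):
    """Helper for examples/tests: a UTC instant on the sample assertion's day."""
    return dt.datetime(2024, 1, 1, hour, minute, tzinfo=dt.timezone.utc)


class ReplayCache:
    """Remembers assertion IDs only until their validity window has passed."""

    def __init__(self):
        self._seen = {}  # assertion ID -> instant after which it can be forgotten

    def check_and_add(self, assertion_id, forget_after, now):
        self._seen = {k: v for k, v in self._seen.items() if v > now}  # evict expired
        if assertion_id in self._seen:
            return False
        self._seen[assertion_id] = forget_after
        return True


def validate_assertion(xml_text, cache, now):
    """Return (accepted, reason). Assumes the XML signature was verified already."""
    assertion = ET.fromstring(xml_text)
    assertion_id = assertion.get("ID")
    conditions = assertion.find("saml:Conditions", NS)
    if not assertion_id or conditions is None or not conditions.get("NotOnOrAfter"):
        return False, "missing ID or Conditions; cannot bound the replay window"
    not_on_or_after = parse_ts(conditions.get("NotOnOrAfter"))
    not_before = conditions.get("NotBefore")
    if not_before and now + CLOCK_SKEW < parse_ts(not_before):
        return False, "not yet valid"
    if now - CLOCK_SKEW >= not_on_or_after:
        return False, "expired"
    # Keep the ID until the window (plus skew) has closed; after that the
    # expiry check alone rejects the assertion, so the entry can be dropped.
    if not cache.check_and_add(assertion_id, not_on_or_after + CLOCK_SKEW, now):
        return False, "replayed"
    return True, "ok"
```

In a multi-node deployment the cache must be shared (for example in a central store), otherwise a replay sent to a different node would be accepted.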