I have been following the guidelines in Okta’s documentation on how to set up SAML 2.0 auth as a Service Provider using Okta as the IdP. Reference: SAML-enable your Python application | Okta Developer
And I’ve been using the code sample provided here: GitHub - jpf/okta-pysaml2-example: Example SAML Service Provider for Python/Flask using PySAML2
The authentication flow works, but I am confused about how my application would identify the associated Okta account. If I publish this application on the Okta Integration Network, the goal is that anyone can use Okta to connect to my app.
But I receive a POST request on the same endpoint that requires a metadata file to decode the SAML request. I assume that the metadata file (or at least the cert) would be different for each account, so how do I identify the associated account from the incoming request to even decode the request?
Is there an identifier associated with each company’s Okta account that I’m missing somewhere in the POST request?
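
An added example, not part of the original post or of Okta's sample code: every SAML response carries an `Issuer` element holding the sending IdP's entity ID, which a multi-tenant Service Provider can read before verification to choose which stored metadata to validate against. The tenant registry, issuer URLs and file paths below are constructed, and keying tenants by issuer is an assumption of this sketch.

```python
import base64
import xml.etree.ElementTree as ET

SAML_P = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML_A = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed registry: Issuer (IdP entityID) -> that tenant's stored metadata.
TENANT_METADATA = {
    "http://idp.example/tenant-a": "metadata/tenant-a.xml",
    "http://idp.example/tenant-b": "metadata/tenant-b.xml",
}

def unverified_issuer(saml_response_b64):
    """Return the Issuer of a base64 SAMLResponse form field, or None.

    The value is NOT authenticated here; use it only as a lookup key.
    """
    try:
        xml_bytes = base64.b64decode(saml_response_b64, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        return None  # refuse DTDs: no entity expansion on untrusted XML
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError:
        return None
    if root.tag != "{%s}Response" % SAML_P:
        return None
    issuer = root.find("{%s}Issuer" % SAML_A)
    if issuer is None:  # Response-level Issuer can be absent; use the Assertion's
        issuer = root.find("{%s}Assertion/{%s}Issuer" % (SAML_A, SAML_A))
    if issuer is None or not (issuer.text or "").strip():
        return None
    return issuer.text.strip()

def select_metadata(saml_response_b64):
    """Pick the tenant metadata to verify with; None means reject the POST."""
    return TENANT_METADATA.get(unverified_issuer(saml_response_b64))

def _sample(inner_xml):
    """Build a constructed, unsigned SAMLResponse for demonstration only."""
    xml = '<samlp:Response xmlns:samlp="%s" xmlns:saml="%s">%s</samlp:Response>' % (
        SAML_P, SAML_A, inner_xml)
    return base64.b64encode(xml.encode()).decode()
```

The issuer read this way is attacker-controlled until the response's signature, audience and conditions have been validated against the metadata it selects, so an unknown issuer or a failed validation must reject the request rather than fall back to another tenant.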