We have a test app written as ASP.NET MVC (.Net Framework) it was largely based on this quickstart:
We are doing this with our free developer account.
However we are now trying to make this work with HTTPS and we’ve setup a new Okta app and made all of the URLs HTTP and configured the Okta settings in the app accordingly, there’s no sign of “http” anywhere on either side.
However we get this problem:
Okta does a HTTPS POST to the callback after a user signs in with valid credeentials.
The callback then does a 302 redirect to the app SignOn but as HTTP and not HTTPS!
We are stumped, we cannot see any configuration on either side that can explain this.
Is this a side effect of our having a developer account?