Problem
After configuring Single Sign-On (SSO) with Okta, users may encounter an error when logging in to Lansweeper.
Error message:
The request origin could not be verified. Unable to complete this login request.
An additional description may appear, indicating:
The request is missing redirect uri.
This error typically occurs when the Assertion Consumer Service (ACS) URL is not fully or correctly configured in Okta.
Solution
To resolve this issue, ensure that the Lansweeper ACS URL is correctly configured in Okta.
Step 1: Copy the IdP ACS URL from Lansweeper
- Log in to Lansweeper as an SSO Manager.
- To find the most recent connection parameters for your Lansweeper Site, go to Settings > Single Sign-On.
- Copy the IdP ACS (Assertion Consumer Service) URL displayed in the configuration by using the copy button.
Step 2: Update the SSO Configuration in Okta
- Log in to the Okta Admin Console.
- Go to Applications and select your Lansweeper SAML application.
- Update the SSO URL with the copied value from your Lansweeper Site.
Step 3: Add the ACS URL as an “Other Requestable SSO URL”
- Click Show Advanced Settings.
- In the Other Requestable SSO URLs section, add a new entry.
- Set the URL value to the current Lansweeper ACS URL: https://login.auth.lansweeperdev.com/samlv2/acs/
- Save the configuration changes.
Result
After making the above changes, Okta can properly validate the authentication request. Users should now be able to log in to Lansweeper successfully using SSO without encountering the redirect URI or request origin errors.
