OKTA OIE With DSSO SAML Login Fails With Permission Denied Error

Article ID: 402303

Products

  • Carbon Black Cloud Endpoint Standard
  • Carbon Black Cloud Audit and Remediation (formerly Cb Live Ops)
  • Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
  • Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
  • Carbon Black Cloud Workload

Issue/Introduction

  • After logging in with Okta, the user is redirected to support.broadcom.com with a "Permission Denied" error
    • No error occurs for onsite users (DSSO) or for users added to the Allow List
    • The error occurs only for remote users
  • A second login attempt does not produce the error
  • The .HAR file shows no Relay State in the request to the ACS (Assertion Consumer Service)
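
One way to confirm the missing Relay State in a saved .HAR capture, as an added example that is not part of the original article or any vendor tooling. It assumes the SAML response reaches the ACS as an HTTP POST form field named SAMLResponse; the host sp.example.invalid, the sample entries and the function names are constructed for illustration.

```python
import json
import sys
from urllib.parse import parse_qs, urlsplit

# Constructed sample: first login attempt lacks RelayState, second carries it.
# Hosts, paths and values are placeholders, not taken from a real capture.
SAMPLE_HAR = {"log": {"entries": [
    {"startedDateTime": "2024-01-01T10:00:00Z",
     "request": {"method": "GET", "url": "https://idp.example.invalid/login"}},
    {"startedDateTime": "2024-01-01T10:00:05Z",
     "request": {"method": "POST", "url": "https://sp.example.invalid/saml/acs",
                 "postData": {"params": [
                     {"name": "SAMLResponse", "value": "PHNhbWxwOlJlc3BvbnNlPg=="}]}}},
    {"startedDateTime": "2024-01-01T10:01:30Z",
     "request": {"method": "POST", "url": "https://sp.example.invalid/saml/acs",
                 "postData": {"text": "SAMLResponse=PHNhbWxwOlJlc3BvbnNlPg%3D%3D"
                                      "&RelayState=%2Fdashboard"}}},
]}}

def form_fields(request):
    """Return the POSTed form fields of one HAR request as {name: value}."""
    post = request.get("postData") or {}
    fields = {p["name"]: p.get("value", "") for p in post.get("params") or []}
    if not fields and post.get("text"):
        # Some exports carry only the raw urlencoded body.
        parsed = parse_qs(post["text"], keep_blank_values=True)
        fields = {name: values[0] for name, values in parsed.items()}
    return fields

def find_acs_posts(har):
    """List each POST that delivers a SAMLResponse and whether RelayState came with it."""
    findings = []
    for entry in har["log"]["entries"]:
        request = entry["request"]
        if request.get("method") != "POST":
            continue
        fields = form_fields(request)
        if "SAMLResponse" not in fields:
            continue
        url = urlsplit(request["url"])
        findings.append({"started": entry.get("startedDateTime"),
                         "acs": f"{url.hostname}{url.path}",
                         # Report presence only; never echo the assertion itself.
                         "has_relay_state": bool(fields.get("RelayState"))})
    return findings

if __name__ == "__main__":
    har = json.load(open(sys.argv[1], encoding="utf-8-sig")) if len(sys.argv) > 1 else SAMPLE_HAR
    for finding in find_acs_posts(har):
        print(finding)
```

Pass the path of a saved capture as the first argument to check a real login attempt; an empty RelayState field is reported the same as a missing one.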

Environment

  • Carbon Black Cloud
  • Okta OIE and DSSO

Cause

Okta custom login page

Resolution

It's been noted that adding an exclusion for the Carbon Black / Broadcom application resolves the issue.