Vault Auth with Okta

[Ashit Acharya]

Hello all,

Hope you doing great! We have a setup of Vault cluster and we are trying to authenticate Vault with Okta. Have enabled auth and configured it:

vault auth enable okta vault write auth/okta/config base_url="BASE_URL" organization="ORG" token="TOKEN"

Whenever I trying to authenticate against Okta in the Vault UI, I am getting this error:

Authentication failed: Okta auth failed: HTTP Method: POST - URL: https://org.okta.com/api/v1/authn: - HTTP Status Code: 401, OKTA Error Code: E0000004, OKTA Error Summary: Authentication failed, OKTA Error Causes: []

The catch is we are using IDP as Google. Login requests are being sent to Google. In Okta we configured google as IDP.

If I save a user's credentials in the Okta itself then it works. So, is there a way to authenticate via Okta when IDP is Google?

Thanks,

Ashit Acharya

[nagaraju balusa]

Hi Ashit,

Did you manage to get this working by any chance we would like to do the same setup but if the integration is not trivial may be we pass.

Let me know how to get this working.

Regards,
Raj. 

[newbie]

Hi Ashit/Raj/Team,

Did you manage to solve the issue? I am facing same issue.

Anyone please help us to resolve the issue.

Thanks

[Alexandra Freeman]

Hello and thank you for your email!

On June 3, 2019 HashiCorp launched Discuss, a forum to facilitate dialogue within the HashiCorp community. This format allows answers to be more readily searched and indexed, making it easier to find answers to existing questions and to share knowledge with each other.

The HashiCorp team will be shifting to interact with practitioners on the forum, and we will be phasing out the Google Groups; on September 15, inbound messages to this group will be disabled, and it will be used for outbound announcements only.

To prepare for this switch, please direct questions and conversations to the Vault discussion forum. We look forward to collaborating with you there!