HTTP 405 error on AssertionConsumerService endpoint after return from third-party IDP
Problem
After redirecting from a third-party SAML identity provider, the Chrome browser shows a 405 error.
The SSO tomcat access log shows a 405 response.
No specific errors appears in the SSO diag log.
Solution
This error may indicate the browser is strictly applying samesite cookie rules. Verify that the situation does not occur on other browsers. If only in Chrome, please refer to https://www.ubisecure.com/technical-announcements/samesite-cookies-changes/ for more information for configuration changes.
Related articles