Login Macro with Okta

Hello, 

We are using WebInspect 21.1 and over the last week or so seem to be having issues getting our login macros to work with Okta. Macros that worked a few weeks ago are now failing to play.

We are able to login and authenticate, but when the Okta page attempts to redirect us to the application, it fails. I'm guessing that some token is not getting passed through and is preventing the redirect. 

Since we have not updated anything within Fortify since the Summer, I'm also guessing that something has changed with either our Okta login page or the Okta service itself.

Does anyone have any ideas of what may be causing this issue, or suggestions on debugging the problem?

Thanks!

Brad Nance

  • Are you receiving any error(s)? You can also take a look at the Network tab in Developer's Tools (F12) to get a better understanding of what is happening. Also, looking at the Browser Console may help as well (Ctrl + Shift + J).

  • No errors are being shown in the TruClient application. I've used the inspector and console tools to see if I could find out what is causing this issue. However, nothing of value is being found there.

    I suspect that a token (XSRF, CSRF) is not being passed through or being rejected somewhere in the process. We can see that authentication is working, but we never get to the application after being authenticated. 

    We are checking with our internal SSO team and Okta to see what changes might have been made in the last 30 days.

    Any other thoughts? 

    I appreciate your help!