<@U04UQ68083H> I get the following error when usin...
# ory-copilotb
bland-finland-95044
04/09/2025, 8:59 PM@chilly-king-10285 I get the following error when using a SAML integration in Ory. My IdP is Okta. This is after I've been redirected to Okta. I am running locally with ory tunnel. I have a similar configuration for OIDC that works
Copy code
{
"id": "aa3496fc-370a-4db2-8ed0-1d0467573690",
"error": {
"code": 400,
"debug": "key ory_kratos_oidc_auth_code_session does not exist in cookie: ory_kratos_continuity\<http://ngithub.com/ory/kratos/x.SessionGetString.func1|ngithub.com/ory/kratos/x.SessionGetString.func1>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/cookie.go:31|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/cookie.go:31>\<http://ngithub.com/ory/kratos/x.SessionGetString|ngithub.com/ory/kratos/x.SessionGetString>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/cookie.go:50|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/cookie.go:50>\<http://ngithub.com/ory/kratos/continuity.(*ManagerCookie).sessionID|ngithub.com/ory/kratos/continuity.(*ManagerCookie).sessionID>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/continuity/manager_cookie.go:119|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/continuity/manager_cookie.go:119>\<http://ngithub.com/ory/kratos/continuity.(*ManagerCookie).container|ngithub.com/ory/kratos/continuity.(*ManagerCookie).container>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/continuity/manager_cookie.go:135|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/continuity/manager_cookie.go:135>\<http://ngithub.com/ory/kratos/continuity.(*ManagerCookie).Continue|ngithub.com/ory/kratos/continuity.(*ManagerCookie).Continue>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/continuity/manager_cookie.go:77|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/continuity/manager_cookie.go:77>\<http://ngithub.com/ory/kratos/selfservice/strategy/oidc.(*Strategy).ValidateCallback|ngithub.com/ory/kratos/selfservice/strategy/oidc.(*Strategy).ValidateCallback>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/oidc/strategy.go:372|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/oidc/strategy.go:372>\<http://ngithub.com/ory/kratos/selfservice/strategy/oidc.(*Strategy).HandleCallback|ngithub.com/ory/kratos/selfservice/strategy/oidc.(*Strategy).HandleCallback>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/oidc/strategy.go:453|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/oidc/strategy.go:453>\<http://ngithub.com/ory-corp/cloud/kratos/kratos/internal/saml.(*Strategy).HandleCallback|ngithub.com/ory-corp/cloud/kratos/kratos/internal/saml.(*Strategy).HandleCallback>\n\<http://tgithub.com/ory-corp/cloud/kratos/kratos/internal/saml/saml_strategy.go:63|tgithub.com/ory-corp/cloud/kratos/kratos/internal/saml/saml_strategy.go:63>\<http://ngithub.com/ory/kratos/selfservice/strategy.disabledWriter|ngithub.com/ory/kratos/selfservice/strategy.disabledWriter>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/handler.go:28|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/handler.go:28>\<http://ngithub.com/ory-corp/cloud/kratos/kratos/internal/saml.(*Strategy).setRoutes.IsDisabled.func1|ngithub.com/ory-corp/cloud/kratos/kratos/internal/saml.(*Strategy).setRoutes.IsDisabled.func1>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/handler.go:33|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/selfservice/strategy/handler.go:33>\<http://ngithub.com/ory/kratos/x.(*RouterPublic).GET.NoCacheHandle.func1|ngithub.com/ory/kratos/x.(*RouterPublic).GET.NoCacheHandle.func1>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/nocache.go:21|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/nocache.go:21>\<http://ngithub.com/ory/kratos/x.(*RouterPublic).Handle.NoCacheHandle.func1|ngithub.com/ory/kratos/x.(*RouterPublic).Handle.NoCacheHandle.func1>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/nocache.go:21|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/nocache.go:21>\<http://ngithub.com/julienschmidt/httprouter.(*Router).ServeHTTP|ngithub.com/julienschmidt/httprouter.(*Router).ServeHTTP>\n\<http://tgithub.com/julienschmidt/httprouter@v1.3.0/router.go:387|tgithub.com/julienschmidt/httprouter@v1.3.0/router.go:387>\<http://ngithub.com/ory/nosurf.(*CSRFHandler).handleSuccess|ngithub.com/ory/nosurf.(*CSRFHandler).handleSuccess>\n\<http://tgithub.com/ory/nosurf@v1.2.7/handler.go:212|tgithub.com/ory/nosurf@v1.2.7/handler.go:212>\<http://ngithub.com/ory/nosurf.(*CSRFHandler).ServeHTTP|ngithub.com/ory/nosurf.(*CSRFHandler).ServeHTTP>\n\<http://tgithub.com/ory/nosurf@v1.2.7/handler.go:169|tgithub.com/ory/nosurf@v1.2.7/handler.go:169>\<http://ngithub.com/ory/kratos/cmd/daemon.servePublic.MaxBytesHandler.func4|ngithub.com/ory/kratos/cmd/daemon.servePublic.MaxBytesHandler.func4>\n\tnet/http/server.go:4055\nnet/http.HandlerFunc.ServeHTTP\n\tnet/http/server.go:2294\<http://ngithub.com/urfave/negroni.(*Negroni).UseHandler.Wrap.func1|ngithub.com/urfave/negroni.(*Negroni).UseHandler.Wrap.func1>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:46|tgithub.com/urfave/negroni@v1.0.0/negroni.go:46>\<http://ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP|ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:29|tgithub.com/urfave/negroni@v1.0.0/negroni.go:29>\<http://ngithub.com/urfave/negroni.middleware.ServeHTTP|ngithub.com/urfave/negroni.middleware.ServeHTTP>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:38|tgithub.com/urfave/negroni@v1.0.0/negroni.go:38>\<http://ngithub.com/ory/kratos/x.init.func1|ngithub.com/ory/kratos/x.init.func1>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/clean_url.go:15|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/x/clean_url.go:15>\<http://ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP|ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:29|tgithub.com/urfave/negroni@v1.0.0/negroni.go:29>\<http://ngithub.com/urfave/negroni.middleware.ServeHTTP|ngithub.com/urfave/negroni.middleware.ServeHTTP>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:38|tgithub.com/urfave/negroni@v1.0.0/negroni.go:38>\<http://ngithub.com/ory/kratos/cmd/daemon.servePublic.func1|ngithub.com/ory/kratos/cmd/daemon.servePublic.func1>\n\<http://tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/cmd/daemon/serve.go:106|tgithub.com/ory/kratos@v1.3.1-0.20250407104818-53e733b5f005/cmd/daemon/serve.go:106>\<http://ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP|ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:29|tgithub.com/urfave/negroni@v1.0.0/negroni.go:29>\<http://ngithub.com/urfave/negroni.middleware.ServeHTTP|ngithub.com/urfave/negroni.middleware.ServeHTTP>\n\<http://tgithub.com/urfave/negroni@v1.0.0/negroni.go:38|tgithub.com/urfave/negroni@v1.0.0/negroni.go:38>\nnet/http.HandlerFunc.ServeHTTP\n\tnet/http/server.go:2294\<http://ngithub.com/prometheus/client_golang/prometheus/promhttp.InstrumentHandlerResponseSize.func1|ngithub.com/prometheus/client_golang/prometheus/promhttp.InstrumentHandlerResponseSize.func1>\n\<http://tgithub.com/prometheus/client_golang@v1.21.1/prometheus/promhttp/instrument_server.go:296|tgithub.com/prometheus/client_golang@v1.21.1/prometheus/promhttp/instrument_server.go:296>\nnet/http.HandlerFunc.ServeHTTP\n\tnet/http/server.go:2294\<http://ngithub.com/prometheus/client_golang/prometheus/promhttp.InstrumentHandlerCounter.func1|ngithub.com/prometheus/client_golang/prometheus/promhttp.InstrumentHandlerCounter.func1>\n\<http://tgithub.com/prometheus/client_golang@v1.21.1/prometheus/promhttp/instrument_server.go:147|tgithub.com/prometheus/client_golang@v1.21.1/prometheus/promhttp/instrument_server.go:147>\nnet/http.HandlerFunc.ServeHTTP\n\tnet/http/server.go:2294\<http://ngithub.com/prometheus/client_golang/prometheus/promhttp.InstrumentHandlerDuration.func1|ngithub.com/prometheus/client_golang/prometheus/promhttp.InstrumentHandlerDuration.func1>\n\<http://tgithub.com/prometheus/client_golang@v1.21.1/prometheus/promhttp/instrument_server.go:97|tgithub.com/prometheus/client_golang@v1.21.1/prometheus/promhttp/instrument_server.go:97>",
"message": "no resumable session found",
"reason": "The browser does not contain the necessary cookie to resume the session. This is a security violation and was blocked. Please clear your browser's cookies and cache and try again!",
"status": "Bad Request"
},
"created_at": "2025-04-09T20:52:21.048379Z",
"updated_at": "2025-04-09T20:52:21.048379Z"
}b
brief-egg-61061
04/09/2025, 8:59 PMA message from kapa.ai
brief-egg-61061
04/09/2025, 8:59 PMBased on the error message you're seeing, it appears you're encountering a cookie-related issue with your SAML integration in Ory. The error indicates that the
ory_kratos_continuityory_kratos_continuitylocalhost127.0.0.1localhost127.0.0.1127.0.0.1localhost127.0.0.1localhostsession.cookie.persistentsession.cookie.persistentfalse--dev Copy code
ory tunnel --dev --project $PROJECT_SLUG <http://localhost:3000>--devory_kratos_continuity