June 29, 2017

Okta SSO - Error "Non-HTTPS url redirect is not supported in webview"

Purpose:
This post explains how to address the error "Non-HTTPS url redirect is not supported in webview" when using Okta SSO with Azure AD or other Azure SSO

Symptom:
When users try to log into their applications when Okta is implemented they get an error that states "Non-HTTPS url redirect is not supported in webview" This error may only occur on certain application but not all of them. Below is an example for SSO for MS Visual Studio.



Resolution:

Within your Okta administrative console navigate to Security>Authentication and scroll down to the Desktop Single Sign-On portion. Within there navigate to the Integrated Windows Authentication (IWA) Web applications. Within this configuration area review what you have setup and most likely this configuration is setup for http://oktaserver.domainname.com/iwa.

Cause:

The redirect from the Okta cloud to your on-prem SSO servers is not encrypted. 

SageLike Post ID: SL0019

Applies to:

Okta SSO and Azure AD