Could not authenticate you from SAML because "Actioncontroller::invalidauthenticitytoken"

Hello, I’m having trouble logging into my gitlab instance using SAML with okta. I believe that the login is successful, after clicking on the ‘oktaSSO’ button I am redirected to okta and enter with my credentials, after being validated they are sent again to gitlab, but for some reason gitlab cannot redirect me inside after ‘okay’ do okta. I’m using only one instance of redis. and I already tried to put the flag skip_before_action :verify_authenticity_token. But it already exists in the controllers… So it didn’t work, I’m running out of alternatives. Can anybody help me?

Environment

Ubuntu 20.04.5 LTS

image714×846 35.5 KB

okta

image2140×1430 236 KB

Gitlab server

image1920×1077 212 KB

Login Page

image2140×1462 460 KB

It looks like that your provider is signing the requests, have a look here.

Well our gitlab is hosted at aws, and i cant get private key from ACM. is there any other way?

What about disabling the signing of the requests inside the SAML provider? It’s optional.

I disabled the signing of the requests in Okta, nothing change. =`(

Anyone else have any tips to help me?