<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div>Hi Gus,</div><div><br data-mce-bogus="1"></div><div>Let me join the communication.</div><div><br data-mce-bogus="1"></div><div>Lukas tried to help you within limited time that he could dedicate to the community. His main responsibilities are development activities to make midPoint even better for the whole community. Based on this he mainly follows Jira tickets of platform subscribers and customers with active product support.</div><div><br data-mce-bogus="1"></div><div>On the other hand, if you would like to engage our team with the issue, and provide detailed analysis with possible solution, you might be interested in our commercial services. In case of activated a services, we dedicate available techie to help our customer with their issues.</div><div>We provide different services for different purposes.</div><div>Would you be interested?</div><div><br data-mce-bogus="1"></div><div data-marker="__SIG_PRE__"><div><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:small">Best regards,</span></div><div><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:small"><strong>Martina Benckova</strong> | Sales Manager</span></div><div><a href="https://evolveum.com/" target="_blank" rel="nofollow noopener noreferrer"><img src="cid:e23d6a60126a8789d36a63e6102a4ff8c94cb1bd@zimbra" width="201" height="49" data-mce-src="https://mail.evolveum.com/home/mbenckova@evolveum.com/Briefcase/evolveum logo.png" doc="Briefcase/evolveum logo.png"></a></div><div><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:x-small">mbenckova@evolveum.com | www.evolveum.com </span></div><div><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:x-small">tel: +421 948 940 888</span></div><div><span style="font-family:'arial' , 'helvetica' , sans-serif;font-size:x-small"><a href="https://www.facebook.com/evolveum/" target="_blank" rel="nofollow noopener noreferrer"><img src="cid:c422b3e8dac8cd3bce973c8715f50333f218e1a1@zimbra" width="35" height="34" data-mce-src="https://mail.evolveum.com/home/mbenckova@evolveum.com/Briefcase/Facebook.png" doc="Briefcase/Facebook.png"></a> <a href="https://www.linkedin.com/company/evolveum" target="_blank" rel="nofollow noopener noreferrer"><img src="cid:03eaeece01133df9372e6ab978f9e59f16c4cb28@zimbra" width="33" height="33" data-mce-src="https://mail.evolveum.com/home/mbenckova@evolveum.com/Briefcase/LinkedIn.png" doc="Briefcase/LinkedIn.png"></a> <a href="https://twitter.com/Evolveum" target="_blank" rel="nofollow noopener noreferrer"><img src="cid:5d1d2ada9e092e57e260aec55594bb629de057b6@zimbra" data-mce-src="https://mail.evolveum.com/home/mbenckova@evolveum.com/Briefcase/Twitter.png" width="34" height="33" doc="Briefcase/Twitter.png"></a></span></div><div><span style="font-family:'arial' , 'helvetica' , sans-serif;font-size:x-small"><span style="font-family:'arial' , 'helvetica' , sans-serif;font-size:x-small"></span></span><p class="p1" style="margin:0px;font-family:'times new roman' , serif;background-color:#fdfdfd"><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:x-small"><span id="DWT4609" class="ZmSearchResult" style="background-color:rgb( 255 , 255 , 255 )">Disclaimer</span>:</span></p><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:x-small"></span><p class="p1" style="margin:0px;font-family:'times new roman' , serif;background-color:#fdfdfd"><span style="font-family:'times new roman' , 'new york' , 'times' , serif;font-size:x-small">The contents of this e-mail and attachment(s) thereto are confidential and intended for the named recipient(s) only. It shall not attach any liability on the originator or Evolveum s.r.o. or its affiliates. Any views or opinions presented in this email are solely those of the author and may not necessarily reflect the opinions of Evolveum s.r.o. or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately.</span></p></div></div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><b>From: </b>"Lukas Skublik" <lukas.skublik@evolveum.com><br><b>To: </b>midpoint@lists.evolveum.com<br><b>Sent: </b>Thursday, August 20, 2020 9:37:04 AM<br><b>Subject: </b>Re: [midPoint] Midpoint - SAML 2.0 - Okta IdP - Flex-Auth?<br></div><div><br></div><div data-marker="__QUOTED_TEXT__"><p>Hello Gus,<br>
I analysed log file, but I found nothing relevant. <br>
<br>
Regards,<br>
Lukas Skublik.<br>
</p>
<div class="moz-cite-prefix">On 19. 8. 2020 15:10, Gus Lou wrote:<br>
</div>
<blockquote>
<div dir="ltr">
<div dir="ltr">Hi Lukas<br>
<div><br>
</div>
<div>
<div>I activated the debug level in the midpoint log, but
found nothing relevant.</div>
<div>I attached the log for analysis</div>
<div>Thank you very much</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Em qua., 19 de ago. de 2020 às
02:54, Lukas Skublik <<a href="mailto:lukas.skublik@evolveum.com" target="_blank" rel="nofollow noopener noreferrer">lukas.skublik@evolveum.com</a>>
escreveu:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb( 204 , 204 , 204 );padding-left:1ex">
<div>
<p>Hello Gus,<br>
can you send me your log file. Maybe you see wrong error
message.</p>
<p>Regards<br>
Lukas Skublik<br>
</p>
<div>On 18. 8. 2020 23:35, Gus Lou wrote:<br>
</div>
<blockquote>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Hi Alexandre</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">Thank you very much
<div><br>
</div>
<div>
<div>I made the modifications suggested by you
and Lukas.</div>
<div>Something is still wrong, after
authenticating with the IdP and returning to
the midpoint I get the message:</div>
<div>Midpoint saml module doesn't receive
response from Identity Provider server ..</div>
<div>The strange thing is that through the
Saml Tracer tool, I can verify that there
was a request and a response.</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Saml Request:</div>
<div><br>
</div>
<div><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2p:AuthnRequest</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2p</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:protocol"</span>
<span style="color:rgb( 221 , 0 , 169 )">AssertionConsumerServiceURL</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta" target="_blank" rel="nofollow noopener noreferrer">http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta</a>"</span>
<span style="color:rgb( 221 , 0 , 169 )">Destination</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="https://dev-601301.okta.com/app/xyzdev601301_midpoint_1/xxxxxx4x6/sso/saml" target="_blank" rel="nofollow noopener noreferrer">https://dev-601301.okta.com/app/xyzdev601301_midpoint_1/xxxxxx4x6/sso/saml</a>"</span>
<span style="color:rgb( 221 , 0 , 169 )">ForceAuthn</span>=<span style="color:rgb( 0 , 62 , 170 )">"false"</span>
<span style="color:rgb( 221 , 0 , 169 )">ID</span>=<span style="color:rgb( 0 , 62 , 170 )">"ARQ271eea6-dbee-4ff2-9bc7-d119aa71b00b"</span>
<span style="color:rgb( 221 , 0 , 169 )">IsPassive</span>=<span style="color:rgb( 0 , 62 , 170 )">"false"</span>
<span style="color:rgb( 221 , 0 , 169 )">IssueInstant</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:14:01.266Z"</span>
<span style="color:rgb( 221 , 0 , 169 )">ProtocolBinding</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"</span>
<span style="color:rgb( 221 , 0 , 169 )">Version</span>=<span style="color:rgb( 0 , 62 , 170 )">"2.0"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Issuer</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">sp_midpoint</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Issuer</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2p:NameIDPolicy</span> <span style="color:rgb( 221 , 0 , 169 )">AllowCreate</span>=<span style="color:rgb( 0 , 62 , 170 )">"true"</span>
<span style="color:rgb( 221 , 0 , 169 )">Format</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"</span>
/></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2p:AuthnRequest</span>></span><br>
</div>
<div><br>
</div>
<div>Saml Response:</div>
<div><br>
</div>
<div><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2p:Response</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2p</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:protocol"</span>
<span style="color:rgb( 221 , 0 , 169 )">Destination</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta" target="_blank" rel="nofollow noopener noreferrer">http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta</a>"</span>
<span style="color:rgb( 221 , 0 , 169 )">ID</span>=<span style="color:rgb( 0 , 62 , 170 )">"id369598233453735443745710"</span>
<span style="color:rgb( 221 , 0 , 169 )">InResponseTo</span>=<span style="color:rgb( 0 , 62 , 170 )">"ARQ271eea6-dbee-4ff2-9bc7-d119aa71b00b"</span>
<span style="color:rgb( 221 , 0 , 169 )">IssueInstant</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:14:02.181Z"</span>
<span style="color:rgb( 221 , 0 , 169 )">Version</span>=<span style="color:rgb( 0 , 62 , 170 )">"2.0"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Issuer</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
<span style="color:rgb( 221 , 0 , 169 )">Format</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:nameid-format:entity"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><a href="http://www.okta.com/xxxxxxxxxxx4x6" target="_blank" rel="nofollow noopener noreferrer">http://www.okta.com/xxxxxxxxxxx4x6</a></span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Issuer</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Signature</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:ds</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2000/09/xmldsig#" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2000/09/xmldsig#</a>"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:SignedInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:CanonicalizationMethod</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/10/xml-exc-c14n#</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:SignatureMethod</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/04/xmldsig-more#rsa-sha256</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Reference</span> <span style="color:rgb( 221 , 0 , 169 )">URI</span>=<span style="color:rgb( 0 , 62 , 170 )">"#id369598233453735443745710"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Transforms</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Transform</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2000/09/xmldsig#enveloped-signature" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2000/09/xmldsig#enveloped-signature</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Transform</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/10/xml-exc-c14n#</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:Transforms</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:DigestMethod</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/04/xmlenc#sha256" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/04/xmlenc#sha256</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:DigestValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">eOe03vp5gwQQ/4RERzhnfkVpxbxfb8Ek0OQHbyNXcL4=</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:DigestValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:Reference</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:SignedInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:SignatureValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">Opuurv0kgPnDHbxXpe2wzDhDJs6tGoRrHLc+XwIUpxtyLxwh+/4QBPmanZUWepBygLOM223ql7vfpD6e37Zr1iWNAA7Dub9Dc2HIo8igDB1i7wRSvJGWaX+BZLc8mF+CQ9jLT3vinalejcfGicVOS06CygG3ztb7QlBZJmj</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:SignatureValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:KeyInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:X509Data</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:X509Certificate</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">MIIDpDCCAoygAwIBAgIGAXOn7be0MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG
A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
9u92XgEJLCIVs0onGbhUfoI5r702fcEM</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:X509Certificate</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:X509Data</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:KeyInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:Signature</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2p:Status</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2p</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:protocol"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2p:StatusCode</span> <span style="color:rgb( 221 , 0 , 169 )">Value</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:status:Success"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2p:Status</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Assertion</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
<span style="color:rgb( 221 , 0 , 169 )">ID</span>=<span style="color:rgb( 0 , 62 , 170 )">"id3695982334609027802744130"</span>
<span style="color:rgb( 221 , 0 , 169 )">IssueInstant</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:14:02.181Z"</span>
<span style="color:rgb( 221 , 0 , 169 )">Version</span>=<span style="color:rgb( 0 , 62 , 170 )">"2.0"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Issuer</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
<span style="color:rgb( 221 , 0 , 169 )">Format</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:nameid-format:entity"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><a href="http://www.okta.com/xxxxxxxxx4x6" target="_blank" rel="nofollow noopener noreferrer">http://www.okta.com/xxxxxxxxx4x6</a></span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Issuer</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Signature</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:ds</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2000/09/xmldsig#" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2000/09/xmldsig#</a>"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:SignedInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:CanonicalizationMethod</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/10/xml-exc-c14n#</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:SignatureMethod</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/04/xmldsig-more#rsa-sha256</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Reference</span> <span style="color:rgb( 221 , 0 , 169 )">URI</span>=<span style="color:rgb( 0 , 62 , 170 )">"#id3695982334609027802744130"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Transforms</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Transform</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2000/09/xmldsig#enveloped-signature" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2000/09/xmldsig#enveloped-signature</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:Transform</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/10/xml-exc-c14n#</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:Transforms</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:DigestMethod</span> <span style="color:rgb( 221 , 0 , 169 )">Algorithm</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://www.w3.org/2001/04/xmlenc#sha256" target="_blank" rel="nofollow noopener noreferrer">http://www.w3.org/2001/04/xmlenc#sha256</a>"</span> /></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:DigestValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">g8vVhT6anU1xJOXQH9IrsOIpWG1YZN9GVIWFXVd9zFk=</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:DigestValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:Reference</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:SignedInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:SignatureValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">nFK/0DyI7SpavUD3FPdr7BU1wSMIJl3NR4efPDKfZeZMhPGOX3lurD5lHSceulzGLcZbsOmPnEn1pLsFCOefihVC/SmkNNBHB/uCbKdrgmcQ4Q+xuBEuoUXopG80Xx3sMWZa0lSRAgAcM0sJb6EynmyifxBJ4n0/P9/ANIH</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:SignatureValue</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:KeyInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:X509Data</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">ds:X509Certificate</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">MIIDpDCCAoygAwIBAgIGAXOn7be0MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG
A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
DY2IxhhuxGPHLqFT/YfO/RmJd9keXfM9lIiJl1+9N8eFskiMwUlV0RriPU9GEGt2fJRZxZqw/c7A
9u92XgEJLCIVs0onGbhUfoI5r702fcEM</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:X509Certificate</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:X509Data</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:KeyInfo</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">ds:Signature</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Subject</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:NameID</span> <span style="color:rgb( 221 , 0 , 169 )">Format</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><a href="mailto:john.doe@xyz.net" target="_blank" rel="nofollow noopener noreferrer">john.doe@xyz.net</a></span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:NameID</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:SubjectConfirmation</span> <span style="color:rgb( 221 , 0 , 169 )">Method</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:cm:bearer"</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:SubjectConfirmationData</span> <span style="color:rgb( 221 , 0 , 169 )">InResponseTo</span>=<span style="color:rgb( 0 , 62 , 170 )">"ARQ271eea6-dbee-4ff2-9bc7-d119aa71b00b"</span>
<span style="color:rgb( 221 , 0 , 169 )">NotOnOrAfter</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:19:02.181Z"</span>
<span style="color:rgb( 221 , 0 , 169 )">Recipient</span>=<span style="color:rgb( 0 , 62 , 170 )">"<a href="http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta" target="_blank" rel="nofollow noopener noreferrer">http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta</a>"</span>
/></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:SubjectConfirmation</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Subject</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Conditions</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
<span style="color:rgb( 221 , 0 , 169 )">NotBefore</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:09:02.181Z"</span>
<span style="color:rgb( 221 , 0 , 169 )">NotOnOrAfter</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:19:02.181Z"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:AudienceRestriction</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:Audience</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">okta</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Audience</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:AudienceRestriction</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Conditions</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:AuthnStatement</span> <span style="color:rgb( 221 , 0 , 169 )">xmlns:saml2</span>=<span style="color:rgb( 0 , 62 , 170 )">"urn:oasis:names:tc:SAML:2.0:assertion"</span>
<span style="color:rgb( 221 , 0 , 169 )">AuthnInstant</span>=<span style="color:rgb( 0 , 62 , 170 )">"2020-08-18T21:14:02.181Z"</span>
<span style="color:rgb( 221 , 0 , 169 )">SessionIndex</span>=<span style="color:rgb( 0 , 62 , 170 )">"ARQ271eea6-dbee-4ff2-9bc7-d119aa71b00b"</span>
></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:AuthnContext</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"><<span style="color:rgb( 0 , 116 , 232 )">saml2:AuthnContextClassRef</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:AuthnContextClassRef</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:AuthnContext</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:AuthnStatement</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2:Assertion</span>></span><span style="color:rgb( 68 , 68 , 68 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap">
</span><span style="color:rgb( 220 , 45 , 37 );font-family:'consolas' , 'lucida console' , 'courier' , monospace;font-size:10.6667px;white-space:pre-wrap"></<span style="color:rgb( 0 , 116 , 232 )">saml2p:Response</span>></span></div>
<div><br>
</div>
<div>---------------------------------------------------------------------------------------------</div>
<div><br>
</div>
<div><br>
</div>
<div>Regards</div>
<div><br>
</div>
<div>Gus</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Em ter., 18 de ago. de
2020 às 02:28, Alexandre Zia <<a href="mailto:alexandre.zia@ifood.com.br" target="_blank" rel="nofollow noopener noreferrer">alexandre.zia@ifood.com.br</a>>
escreveu:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb( 204 , 204 , 204 );padding-left:1ex">
<div dir="ltr">
<div>I've just changed a few things, based on your
config, <br>
</div>
<div><br>
</div>
<saml2><br>
<name>oktaidp</name><br>
<description>Enterprise SAML-based SSO
system</description><br>
<network><br>
<readTimeout>10000</readTimeout><br>
<connectTimeout>5000</connectTimeout><br>
</network><br>
<serviceProvider><br>
<entityId>sp_midpoint</entityId><br>
<aliasForPath>okta</aliasForPath><br>
<signRequests>false</signRequests><br>
<wantAssertionsSigned>true</wantAssertionsSigned><br>
<singleLogoutEnabled>true</singleLogoutEnabled><br>
<nameId>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</nameId><br>
<provider><br>
<entityId><a href="http://www.okta.com/xxxxxxxxxxxx4x6" target="_blank" rel="nofollow noopener noreferrer">http://www.okta.com/xxxxxxxxxxxx4x6</a></entityId><br>
<alias>SSO-Okta</alias><br>
<metadata><br>
<xml>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</xml><br>
</metadata><br>
<skipSslValidation>false</skipSslValidation><br>
<linkText>Okta</linkText><br>
<authenticationRequestBinding>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</authenticationRequestBinding><br>
<nameOfUsernameAttribute>uid</nameOfUsernameAttribute><br>
</provider><br>
</serviceProvider><br>
</saml2><br>
<br>
<br>
And your ACS url will be something like this: <a href="http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta" target="_blank" rel="nofollow noopener noreferrer">http://midpoint-02.xyz.net/midpoint/auth/default/oktaidp/SSO/alias/okta</a><br>
<div><br>
</div>
<br>
<div><br>
</div>
<div><br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Aug 17,
2020 at 2:24 PM Gus Lou <<a href="mailto:gugalou38@gmail.com" target="_blank" rel="nofollow noopener noreferrer">gugalou38@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb( 204 , 204 , 204 );padding-left:1ex">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Hi Luca</div>
<div dir="ltr">Thank you very much
for your help. I had not
configured this option yet.
<div>
<div>I did the suggested
configuration, now the link to
the IdP in the midpoint
interface is correct.</div>
<div>But when I click on the
link to the IdP and do the
authentication and get the
reply back to the midpoint I
get an error:</div>
<div><span style="background-color:rgb( 255 , 255 , 255 )"><font color="#000000"><i>Midpoint
saml module doesn't
receive response from
Identity Provider
server.</i><br>
</font></span></div>
<div><span style="background-color:rgb( 255 , 255 , 255 )"><font color="#000000"><span style="display:inline-block;margin:0px;line-height:1"><i><font face="Source Sans
Pro, Helvetica Neue,
Helvetica, Arial,
sans-serif"><span style="font-size:14px">Authentication
failed, and as a
consequence was
restarted
authentication
flow</span></font></i></span></font></span></div>
<div>(probably due to the fact
that the midpoint ACS url in
the IdP is not correct.)</div>
<div><br>
</div>
<div>I need to find out what the
Midpoint Assertion Consumer
Service (ACS) URL is to report
on the IdP.</div>
</div>
<div><br>
</div>
<div>Print Screen after IdP
Authentication failed</div>
<div>
<div><img src="cid:part25.21E17450.58F24629@evolveum.com" alt="image.png" class="" width="541" height="226"><br>
</div>
</div>
<div><br>
</div>
<div>Regards<br>
</div>
<div><br>
</div>
<div>Gus</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Em seg., 17 de
ago. de 2020 às 03:18, Lukas Skublik <<a href="mailto:lukas.skublik@evolveum.com" target="_blank" rel="nofollow noopener noreferrer">lukas.skublik@evolveum.com</a>>
escreveu:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb( 204 , 204 , 204 );padding-left:1ex">
<div>
<p>Hello Gus,<br>
<br>
you try configure attribute
systemConfiguration/infrastructure/publicHttpUrlPattern
to '<a href="http://midpoint-02.xyz.net/midpoint" target="_blank" rel="nofollow noopener noreferrer">http://midpoint-02.xyz.net/midpoint</a>'.<br>
<br>
Regards,<br>
Lukas Skublik<br>
</p>
<div>On 6. 8. 2020 0:00, Gus Lou wrote:<br>
</div>
<blockquote>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Hi Guys
<div>
<div>Anyone here
already integrated
Midpoint with
Okta's solution to
provide Midpoint
authentication
through the SAML
2.0 protocol?</div>
<div>I created a
free developer
account on Okta
and I am trying to
make the SAML
settings following
the guidelines
below:</div>
<div><br>
</div>
<div><b>Midpoint
Wiki:</b> </div>
<div><a href="https://wiki.evolveum.com/display/midPoint/Flexible+Authentication+Configuration" target="_blank" rel="nofollow noopener noreferrer">https://wiki.evolveum.com/display/midPoint/Flexible+Authentication+Configuration</a></div>
<div><br>
</div>
<div><b>Git Example
Security-policy-flexible-authentication:</b> </div>
<div><a href="https://github.com/Evolveum/midpoint-samples/blob/master/samples/policy/security/security-policy-flexible-authentication.xml" target="_blank" rel="nofollow noopener noreferrer">https://github.com/Evolveum/midpoint-samples/blob/master/samples/policy/security/security-policy-flexible-authentication.xml</a></div>
<div><br>
</div>
<div><b>Okta Example
- SAML Spring
Security:</b></div>
<div><a href="https://developer.okta.com/code/java/spring_security_saml/" target="_blank" rel="nofollow noopener noreferrer">https://developer.okta.com/code/java/spring_security_saml/</a></div>
<div><a href="https://github.com/oktadeveloper/okta-spring-boot-saml-example" target="_blank" rel="nofollow noopener noreferrer">https://github.com/oktadeveloper/okta-spring-boot-saml-example</a></div>
<div><br>
</div>
<div>I understand
that Okta is the
Identity Provider
IdP and Midpoint
is the Service
Provider SP.</div>
<div>After trying to
make the settings
I had some doubts:</div>
<div><br>
</div>
<div>What is the
Midpoint uri that
receives the IdP
response?</div>
<div>What is the
Midpoint url that
I should use to
perform the
authentication of
the IdP (Okta).
Because when I try
to inform an
existing user in
the IdP an error
appears and a
screen with the
link of the IdP
(in this part
there is another
error that I
couldn't solve the
midpoint displays
the internal
address <a href="https://127.0.0.1/" target="_blank" rel="nofollow noopener noreferrer">https://127.0.0.1/</a></div>
</div>
<div><br>
</div>
<div>Some Informations
from my Lab:</div>
<div><br>
</div>
<div><b>Print-01 Midpoint
- Authentatication
GUI</b> (the user
john.doe, does not
exist at midpoint
but exists at IdP)</div>
<div>
<div><img src="cid:part33.EC41702E.930F4185@evolveum.com" alt="image.png" class="" width="541" height="190"><br>
</div>
</div>
<div><br>
</div>
<div><b>Print-02 </b></div>
<div>
<div>After I try to
authenticate, I
get the error
message:</div>
<div><i><u><font style="background-color:rgb( 243 , 243 , 243 )" color="#ff0000">Couldn't authenticate user, reason: couldn't encode
password.</font></u></i></div>
</div>
<div>
<div><img src="cid:part34.D425EF71.62089C82@evolveum.com" alt="image.png" class="" width="541" height="207"><br>
</div>
</div>
<div><br>
</div>
<div><b>Print-03</b></div>
<div>
<div>The link to the
idp Okta is
displaying the
midpoint's
internal address:</div>
<div><b><font color="#ff0000"><a href="http://127.0.0.1:8080/" target="_blank" rel="nofollow noopener noreferrer">http://127.0.0.1:8080/</a></font></b>midpoint/auth/default/oktaidp/discovery?idp=http%3A%2F%<a href="http://2Fwww.okta.com" target="_blank" rel="nofollow noopener noreferrer">2Fwww.okta.com</a>%2Fexko4d721K5vASKoJ4x6</div>
<div><br>
</div>
<div>Instead of the
hostname address:</div>
<div><b><font color="#0000ff"><a href="http://midpoint-02.xyz.net" target="_blank" rel="nofollow noopener noreferrer">http://midpoint-02.xyz.net</a></font></b>/midpoint/auth/default/oktaidp/discovery?idp=http%3A%2F%<a href="http://2Fwww.okta.com" target="_blank" rel="nofollow noopener noreferrer">2Fwww.okta.com</a>%2Fexko4d721K5vASKoJ4x6</div>
<div><br>
</div>
<div>I believe it is
some incorrect
configuration on
my reverse proxy -
nginx</div>
</div>
<div>
<div>
<div><img src="cid:part39.1F31FD8E.A0A52247@evolveum.com" alt="image.png" class="" width="541" height="178"><br>
</div>
</div>
</div>
<div><br>
</div>
<div><b>Print-04: Okta
IdP SAML
Configuration</b></div>
<div>
<div>Here is my main
question, because
in the fields:</div>
<div>
<ol><li>Single sign
on URL</li><li>Audience URI
(SP Entity ID)</li></ol>
</div>
<div>I need to
report existing
data in Midpoint,
but I'm not sure
where to get this
information.</div>
</div>
<div>
<div><img src="cid:part40.6259F92F.14C27A40@evolveum.com" alt="image.png" class="" width="541" height="357"><br>
</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div><br>
</div>
</div>
<div><br>
</div>
<div><b>My Security
Policy Config:</b></div>
<div>I made the
settings in the IdP,
generated the
metadata, encoded it
in base 64 and put
it in the Midpoint
settings.<br>
</div>
<div><b><br>
</b></div>
<div>
<div><authentication></div>
<div>
<modules></div>
<div>
<loginForm
id="15"></div>
<div>
<name>internalLoginForm</name></div>
<div>
<description>Internal username/password authentication, default
user password,
login
form</description></div>
<div>
</loginForm></div>
<div>
<saml2
id="16"></div>
<div>
<name>oktaidp</name></div>
<div>
<description>My SAML-based SSO system.</description></div>
<div>
<network></div>
<div>��
<readTimeout>10000</readTimeout></div>
<div>
<connectTimeout>5000</connectTimeout></div>
<div>
</network></div>
<div>
<serviceProvider></div>
<div>
<entityId>sp_midpoint</entityId></div>
<div>
<signRequests>true</signRequests></div>
<div>
<wantAssertionsSigned>true</wantAssertionsSigned></div>
<div>
<singleLogoutEnabled>true</singleLogoutEnabled></div>
<div>
<nameId>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</nameId></div>
<div>
<keys/></div>
<div>
<provider
id="17"></div>
<div>
<entityId><a href="http://www.okta.com/xxxxxxxxxxxx4x6" target="_blank" rel="nofollow noopener noreferrer">http://www.okta.com/xxxxxxxxxxxx4x6</a></entityId></div>
<div>
<alias>SSO-Okta</alias></div>
<div>
<metadata></div>
<div>
<xml>PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48bWQ6RW50aXR5RGVzY3JpcHRvciBlbnRpdHlJRD0iaHR0cDovL3d3dy5va3RhLmNvbS9leGtvNGQ3MjFLNXZBU0</xml></div>
<div>
</metadata></div>
<div>
<skipSslValidation>true</skipSslValidation></div>
<div>
<linkText>Okta</linkText></div>
<div>
<authenticationRequestBinding>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</authenticationRequestBinding></div>
<div>
<nameOfUsernameAttribute>uid</nameOfUsernameAttribute></div>
<div>
</provider></div>
<div>
</serviceProvider></div>
<div>
</saml2></div>
<div>
</modules></div>
<div>
<sequence
id="8"></div>
<div>
<name>admin-gui-default</name></div>
<div>
<description></div>
<div>
Default GUI
authentication
sequence.</div>
<div>
We want to try
company SSO,
federation and
internal. In that
order.</div>
<div>
Just one of then
need to be
successful to let
user in.</div>
<div>
</description></div>
<div>
<channel></div>
<div>
<channelId><a href="http://midpoint.evolveum.com/xml/ns/public/model/channels-3#user" target="_blank" rel="nofollow noopener noreferrer">http://midpoint.evolveum.com/xml/ns/public/model/channels-3#user</a></channelId></div>
<div>
<default>true</default></div>
<div>
<urlSuffix>default</urlSuffix></div>
<div>
</channel></div>
<div>
<module
id="12"></div>
<div>
<name>oktaidp</name></div>
<div>
<order>30</order></div>
<div>
<necessity>sufficient</necessity></div>
<div>
</module></div>
<div>
<module
id="13"></div>
<div>
<name>internalLoginForm</name></div>
<div>
<order>20</order></div>
<div>
<necessity>sufficient</necessity></div>
<div>
</module></div>
<div>
</sequence></div>
<div>
<sequence
id="9"></div>
<div>
<name>admin-gui-emergency</name></div>
<div>
<description></div>
<div>
Special GUI
authentication
sequence that is
using just the
internal user
password.</div>
<div>
It is used only in
emergency. It
allows to skip
SAML
authentication
cycles, e.g. in
case</div>
<div>
that the SAML
authentication is
redirecting the
browser
incorrectly.</div>
<div>
</description></div>
<div>
<channel></div>
<div>
<channelId><a href="http://midpoint.evolveum.com/xml/ns/public/model/channels-3#user" target="_blank" rel="nofollow noopener noreferrer">http://midpoint.evolveum.com/xml/ns/public/model/channels-3#user</a></channelId></div>
<div>
<default>false</default></div>
<div>
<urlSuffix>emergency</urlSuffix></div>
<div>
</channel></div>
<div>
<requireAssignmentTarget
oid="00000000-0000-0000-0000-000000000004" relation="org:default"
type="c:RoleType"></div>
<div>
<!-- Superuser
--></div>
<div>
</requireAssignmentTarget></div>
<div>
<module
id="14"></div>
<div>
<name>internalLoginForm</name></div>
<div>
<order>30</order></div>
<div>
<necessity>sufficient</necessity></div>
<div>
</module></div>
<div>
</sequence></div>
<div>
</authentication></div>
</div>
<div><br>
</div>
<div><br>
</div>
<div>If anyone has any
suggestions for
solving the problem
I would appreciate
it.<br>
</div>
<div><br>
</div>
<div>Regards</div>
<div><br>
</div>
<div>Gus</div>
<div><br>
</div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" rel="nofollow noopener noreferrer">https://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
</div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer nofollow noopener noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote>
</div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer nofollow noopener noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote>
</div>
<br clear="all">
<br>
-- <br>
<div dir="ltr">
<div dir="ltr">
<div>
<div dir="ltr">
<table style="font-family:'arial' , sans-serif;font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb( 255 , 255 , 255 );color:rgb( 0 , 0 , 0 );font-size:medium" width="450" cellspacing="0" cellpadding="0" border="0"><tbody><tr><td rowspan="6" style="font-family:'arial' , sans-serif;margin:0px" width="105" valign="top" height="120" align="right"><a href="https://www.ifood.com.br/" style="color:rgb( 17 , 85 , 204 )" target="_blank" rel="nofollow noopener noreferrer"><img alt="" width="105" height="110" src="https://www.ifood.com.br/nws/assinatura/iFood_assinatura3.gif"></a></td><td style="font-family:'arial' , sans-serif;margin:0px" width="18"><br>
</td><td style="font-family:'arial' , sans-serif;margin:0px" height="22">
<div>
<p style="margin:0px;line-height:18px"><span style="font-size:14px">Alexandre
R Zia<br>
</span></p>
</div>
</td></tr><tr><td style="font-family:'arial' , sans-serif;margin:0px" width="18"><br>
</td><td style="font-family:'arial' , sans-serif;margin:0px">
<div>
<p style="margin:0px;line-height:15px"><span style="line-height:15px"><b>Security</b></span></p>
</div>
</td></tr><tr><td style="font-family:'arial' , sans-serif;margin:0px" width="18" height="10"><br>
</td><td style="font-family:'arial' , sans-serif;margin:0px" height="10"><br>
</td></tr><tr><td style="font-family:'arial' , sans-serif;margin:0px" width="18"><br>
</td><td style="font-family:'arial' , sans-serif;margin:0px"><br>
</td></tr><tr><td style="font-family:'arial' , sans-serif;margin:0px" width="18"><br>
</td><td style="font-family:'arial' , sans-serif;margin:0px">
<div><a href="https://www.ifood.com.br/" style="color:rgb( 119 , 119 , 119 );line-height:16px" target="_blank" rel="nofollow noopener noreferrer">www.ifood.com.br</a></div>
</td></tr><tr><td colspan="2" style="font-family:'arial' , sans-serif;margin:0px" height="35">
<table width="190" cellspacing="0" cellpadding="0" border="0"><tbody><tr><td style="font-family:'arial' , sans-serif;margin:0px" width="12"> </td><td style="font-family:'arial' , sans-serif;margin:0px"><a href="https://www.facebook.com/iFood?fref=ts" style="color:rgb( 17 , 85 , 204 )" target="_blank" rel="nofollow noopener noreferrer"><img alt="" width="32" height="32" src="https://www.ifood.com.br/nws/assinatura/facebook_2x.png"></a></td><td style="font-family:'arial' , sans-serif;margin:0px"><a href="https://twitter.com/iFood" style="color:rgb( 17 , 85 , 204 )" target="_blank" rel="nofollow noopener noreferrer"><img alt="" width="32" height="32" src="https://www.ifood.com.br/nws/assinatura/twitter_2x.png"></a></td><td style="font-family:'arial' , sans-serif;margin:0px"><a href="https://www.instagram.com/iFoodBrasil/" style="color:rgb( 17 , 85 , 204 )" target="_blank" rel="nofollow noopener noreferrer"><img alt="" width="32" height="32" src="https://www.ifood.com.br/nws/assinatura/instagram_2x.png"></a></td><td style="font-family:'arial' , sans-serif;margin:0px"><a href="https://www.youtube.com/ifood" style="color:rgb( 17 , 85 , 204 )" target="_blank" rel="nofollow noopener noreferrer"><img alt="" width="32" height="32" src="https://www.ifood.com.br/nws/assinatura/youtube_2x.png"></a></td></tr></tbody></table>
</td></tr></tbody></table>
<table style="color:rgb( 34 , 34 , 34 );font-style:normal;font-weight:400;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb( 255 , 255 , 255 );font-size:13px;line-height:normal;font-family:'tahoma' , 'geneva' , sans-serif" width="630" cellspacing="0" cellpadding="0" border="0"><tbody><tr><td style="font-family:'arial' , sans-serif;margin:0px">
<table width="100%" cellspacing="0" cellpadding="0" border="0"></table>
</td></tr></tbody></table>
</div>
</div>
</div>
</div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer nofollow noopener noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" rel="nofollow noopener noreferrer">https://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
</div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer nofollow noopener noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre">_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank" rel="nofollow noopener noreferrer">midPoint@lists.evolveum.com</a>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" rel="nofollow noopener noreferrer">https://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>_______________________________________________<br>midPoint mailing list<br>midPoint@lists.evolveum.com<br>https://lists.evolveum.com/mailman/listinfo/midpoint<br></div></div></body></html>