About SAML SSO with Okta

OpenEdx Version : quince
Installed by Tutor on an AWS ec2 instance.
Tried to use Okta as the IDP (SAML) and OpenEdx as the SP(SAML),
Followed the docs on

After the above steps, I can see.

  • Metadata is ready for the SAML IDP provider configuration
  • SAML provider data is valid and successfully fetched

The problem
When I try to start the OpenEdx(SAML) app in Okta’s dashboard, starting a IDP-initiated flow, it doesn’t work. The LMS logs has the following error

lms-1            | 2024-06-04 06:53:33,368 INFO 7 [tracking] [user None] [ip] logger.py:41 - {"name": "/auth/complete/tpa-saml/", "context": {"user_id": null, "path": "/auth/complete/tpa-saml/", "course_id": "", "org_id": "", "enterprise_uuid": ""}, "username": "", "session": "", "ip": "", "agent": "curl/8.5.0", "host": "openedx.aue1t.internal", "referer": "", "accept_language": "", "event": "{\"GET\": {}, \"POST\": {\"SAMLResponse\": [\"PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIERlc3RpbmF0aW9uPSJodHRwczovL29wZW5lZHguYXVlMXQuaW50ZXJuYWwvYXV0aC9jb21wbGV0ZS90cGEtc2FtbC8iIElEPSJpZDk1MDE2Nzk1NDk3ODUwMjI1NDc1NjE0IiBJc3N1ZUluc3RhbnQ9IjIwMjQtMDYtMDNUMDU6NTE6MzIuODAyWiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sMnA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIj48c2FtbDI6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wO", "time": "2024-06-04T06:53:33.368009+00:00", "event_type": "/auth/complete/tpa-saml/", "event_source": "server", "page": null}
lms-1            | 2024-06-04 06:53:33,381 ERROR 7 [common.djangoapps.third_party_auth.models] [user None] [ip] models.py:834 - No SAMLProviderData found for provider "" with entity id "" and IdP slug "". Run "manage.py saml pull" to fix or debug.
lms-1            | 2024-06-04 06:53:33,382 INFO 7 [social] [user None] [ip] middleware.py:37 - Authentication with  is currently unavailable.

From the browser I can see the full SAML response data, but in logs, I can only see (first) part of the full SAML response data. I guess that might be the cause of the empty entity id in the ERROR log.

Does anyone know what might be the problem and how I can further troubleshoot on this?

Thank you.