Tank

> yes. I also meet the issue. Do you know how to fix it ?

> > > > yes. I also meet the issue. Do you know how to fix it ? remove other configure item. keepmetadata is works. spring.security.saml2.relyingparty.registration.okta.assertingparty.metadata-uri=https://{app}.okta.com/app/{xxxx}/sso/saml/metadata

`application.properties spring.security.saml2.relyingparty.registration.okta.identityprovider.entity-id=http://www.okta.com/{appkey} spring.security.saml2.relyingparty.registration.okta.identityprovider.verification.credentials[0].certificate-location=classpath:rp-certificate.crt spring.security.saml2.relyingparty.registration.okta.identityprovider.singlesignon.url=https://trial-{appid}.okta.com/app/trial-{xxx}/{xxx}/sso/saml spring.security.saml2.relyingparty.registration.okta.identityprovider.singlesignon.sign-request=false ` >java code ` @AutoConfiguration public class SecurityConfiguration { @Bean SecurityFilterChain configure(HttpSecurity http) throws Exception { // @formatter:off http .authorizeHttpRequests(authorize -> authorize .mvcMatchers("/favicon.ico").permitAll() .anyRequest().authenticated() )...