AWS VPN Client Login Fails with Safari

2

The final step, after bouncing around to login, where the browser redirects to https://127.0.0.1:35001, completes auth, and says you can close the window, failed. Out of nowhere this week myself and others started receiving the error:

Safari Can’t Open the Page

Safari can’t open the page “https://127.0.0.1:35001” because Safari can’t establish a secure connection to the server “127.0.0.1”.

I don't remember exactly what it did before, but it seems like Safari is trying to force HTTPS for what otherwise should be an HTTP endpoint? At least that's what's configured in our VPN app within AWS.

Things work fine if Chrome is the default browser and it seems to stick with HTTP there.

Any ideas? Thanks!

  • The Application ACS URL is configured as "http://127.0.0.1:35001" in the AWS Identity Center application config, but Safari seems to try to upgrade to https which fails.

  • This has broken recently for us. We're having the same issue with 40+ users on macOS Ventura and Sonoma. It appears to have something to do with forced HTTP Strict Transport Security (HSTS) and there is no way to prevent 'localhost' or '127.0.0.1' from being redirected to https. Firefox as default browser is our only current solution.

  • Yeah. It seems there used to be a way to clear HSTS for 127.0.0.1 or localhost but that was years ago. Seems to be nothing recent. Chrome users are having a similar issue but that may be coincidental (or an additional issue) where the SAML workflow is not handled properly. From another thread on Reddit it seems AWS is aware of these issues, but I've seen nothing in Health or any notices. Frustrating!

Asked 2 months ago · 480 views
No answers
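
A way to check whether the default browser really sends TLS to the loopback port instead of plain HTTP, as an added example that is not part of the thread and not AWS code: it listens on 127.0.0.1, accepts one connection and classifies the first bytes as a TLS ClientHello or an HTTP request. The function names are hypothetical; port 35001 is the one quoted above, and the sketch assumes the VPN client is not in the middle of a login, so the port is free and the URL is opened by hand.

```python
import socket
import sys

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"OPTIONS ")


def classify_first_bytes(data: bytes) -> str:
    """Return 'tls', 'http' or 'unknown' for the first bytes a client sent."""
    # TLS record header: content type 0x16 (handshake), major version 0x03,
    # 2-byte record length, then handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls"
    if data.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


def listen(port: int) -> socket.socket:
    """Bind a listener to the loopback address only."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", port))
    srv.listen(1)
    return srv


def observe_one(srv: socket.socket, timeout: float = 60.0) -> str:
    """Accept one connection and report what protocol the client opened with."""
    srv.settimeout(timeout)
    conn, _ = srv.accept()
    with conn:
        conn.settimeout(5.0)
        kind = classify_first_bytes(conn.recv(16))
        if kind == "http":
            # Answer plain HTTP so the browser shows a page instead of hanging.
            conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 11\r\n"
                         b"Connection: close\r\n\r\nplain HTTP\n")
    return kind


if __name__ == "__main__":
    port = int(sys.argv[1]) if len(sys.argv) > 1 else 35001
    with listen(port) as srv:
        print(f"open http://127.0.0.1:{port}/ in the default browser")
        print("first bytes look like:", observe_one(srv))
```

A result of `tls` after typing the `http://` URL means the browser upgraded the scheme before connecting; `http` means the request arrived as configured.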
