Problem
If SSO is enabled for your HCP organization, you may receive an error when you try to log in to HCP directly from your identity provider (IdP).
Cause
The HCP SSO integration currently requires that you log in from the HCP UI with your SSO (Okta) credentials. If you instead start the login from your SSO platform (IdP-initiated login), an error similar to the one below is expected.
invalid_request: IdP-Initiated login is not enabled for connection "HCP-SSO-11eb58f9-5983-1701-8c33-0242ac110016-samlp".
TRACKING ID: 1ee9c265894f363dd226
You may also receive an "Oops!, something went wrong" message.
Solution
Log in to HCP directly from the HCP Portal UI with your SSO (Okta) credentials.
Workarounds
Okta SAML
As an alternative, you can use the bookmark app in Okta to create a tile that mimics IdP-initiated login to HCP. The URL that can be used is https://portal.cloud.hashicorp.com/login/signin?conn-id=HCP-SSO-[ORGID]-samlp.
Replace "[ORGID]" with the actual organization ID, which can be found under Organization Settings > Organization in the HCP Portal.
Microsoft Entra ID (Azure AD) SAML
You can set the "Sign-on URL" under the Basic SAML Configuration settings. The URL that can be used is https://portal.cloud.hashicorp.com/login/signin?conn-id=HCP-SSO-[ORGID]-samlp.
Replace "[ORGID]" with the actual organization ID, which can be found under Organization Settings > Organization in the HCP Portal.