SharePoint 2019 and OKTA integration

Copper Contributor

Hello everyone,


I have a very strange problem: I want to integrate OKTA as Trusted Identity provider in SharePoint 2019. All steps provided from OKTA are executed without any errors. For the web application I have Negotiate (Kerberos) and Okta as Trsuted Identity Prvider as shown in the picture.



Unfortunately I'm unable to authenticate neither with Windows Authentication nor with Okta


When I chose Windows Authentication I got an error and according to the ULS logs the error is with the Identity:

  • The identity is not in format we recognize. IdentityName: contoso\alekspavlov
  • Exception getting user key string. Exception: 'System.ArgumentException: Exception of type 'System.ArgumentException' was thrown. Parameter name: identity
    at Microsoft.SharePoint.Administration.Claims.SPClaimUserKeyUtility.GetUserKeyString(IClaimsIdentity identity)
    at Microsoft.SharePoint.Administration.Claims.SPClaimUserKeyUtility.TryGetUserKeyString(IIdentity identity, String& userKey)'.

When I use OKTA it is trying to authenticate me but at the end sends me back to the Sign In page.


Issue start appearing after the OKTA settings were implemented. Before that Kerberos authentication was working just fine.


Was not able to find any solution. Appreciate any help on this issue.


Thank you.

3 Replies

Today I find out that if I uncheck Trusted Identity provider (Okta) all works fine. So looks like something in the Okta configuration is wrong. I followed all the steps provided by Okta and I don't know what could be wrong.


Is there anyone who had the same issue?

@Aleksandar Pavlov You may have found your answer by now, but apparently OKTA does not yet support SharePoint 2019 according to this:


@Aleksandar Pavlov - Please let me know if you are able to resolve the sign-in issue with Okta. I see OKta does support SharePoint 2019 now. We are also facing the same issue, it would be great if you could share the resolution. Thank you in advance!!