AWX SAML authentication with Okta - RelayState

I think you are hung up on trailing ‘/’ that is mentioned, but I think you are missing the past perfect tense. The trailing slash issue was resolved AND then Okta admin did something

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" cacheDuration="P10D" entityID="https://my-awx-url">
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>cert</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://my-awx-url/sso/complete/saml/" index="1"/>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en-US">AWX</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en-US">AWX</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en-US">my-awx-url</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>name</md:GivenName>
<md:EmailAddress>email address</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:GivenName>name</md:GivenName>
<md:EmailAddress>email address</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>

for SAML Enabled Identity Providers

{
  "okta": {
    "entity_id": "http://okta-entity-id/",
    "url": "https://okta-url/sso/saml/",
    "x509cert": "-----BEGINCERTIFICATE-----cert-----ENDCERTIFICATE-----"
  }
}

What else would you find useful?