All Questions
Tagged with single-sign-on saml
922
questions
0
votes
0
answers
5
views
SP Initiated SAML SSO for cognito
I have a user pool configured in cognito with some users. I need to login to a service using these user accounts. The service supports SAML SSO and asks for SSO URL, SAML Entity ID and SAML ...
0
votes
0
answers
19
views
Value of encrypting SAML Assertions
I have an auditor requiring us to encrypt SAML assertions from IdP to RP. I’m fine with this in general as it’s a pretty standard config and most SAML apps support it, but they claim it needs ...
0
votes
0
answers
16
views
How to set the SP certificate in google as IdP with SAML?
I want to use google as an IdP for SPs using SAML. I have integrated an SP with google as IdP and for this I have followed the documentation provided by google at Google SAML.
I have created my custom ...
-1
votes
0
answers
27
views
Can two separate applications share the same SAML response to avoid multiple 2FA? [closed]
I have been tasked with creating a new landing page application (app 1) which users would then be able to use to access other applications (apps 2,3,4).
Is it possible for App1 to be registered in ...
0
votes
1
answer
19
views
Why wouldn't the IdP initiate contact with the SP in a SAML 2.0 SSO integration?
Please let me know if I'm not providing enough info. Asking a question here because it could potentially be faster than contacting and dealing with the IdP.
We, a service provider, are integrating ...
-2
votes
1
answer
77
views
Simple way to put AWS Lambda app behind SAML authentication [closed]
I have a simple AWS Lambda app. I need to front it with SSO, our IdP provider is Okta. The app is rarely used by a large amount of employees. What would be the easiest way to do that without ...
0
votes
0
answers
88
views
How to map NameID values to user attributes in Keycloak when integrating SAML IdP
I'm trying to connect an external IdP to Keycloak, so that I have "Login with [X, an external system]" feature.
I managed to configure it so that the IdP returns a response with the ...
0
votes
0
answers
15
views
When SP certificates updated, how adfs update its local certificates?
Here is the situation with SSO by saml
SP: our own apps, with a valid certificates which will be expired in 1 year
Idp: ADFS in windows server
The SP federation metadata we configured in ADFS is as ...
0
votes
0
answers
13
views
CSAM saml logout
When the user logs off the application, it calls the logout endpoint in our identity project. The problem is, the application is logged off, but under the hood the user is still signed on in CSAM. I'm ...
0
votes
0
answers
29
views
Setup SAML in firebase
How can I setup SAML for my firebase project ? I found a document related to this problem but I'm confused how to find these information like in the image below. Is there a way to identify them in my ...
0
votes
0
answers
71
views
saml2aws using google apps as IdP
I configured federated access to AWS for my team to use Google apps as IdP.
Now, I want to enable them to use awscli and generate credentials using saml2aws
I run saml2aws configure and entered the ...
0
votes
0
answers
83
views
Azure Single Sign On with SAML - IDX10214: Audience validation failed issue
I have a sample application that is trying to facilitate single sign on using SAML and I am able to authenticate the user, but when I am getting the SAML response back from Azure, I am facing the ...
0
votes
0
answers
56
views
Unable to pass login_hint to Google SAML Authentication
I use SimpleSAML to allow users to authenticate into my application using Microsoft or Google accounts. Most clients use Microsoft, so the SAML SingleSignOnService URL binding becomes something like:
...
0
votes
1
answer
117
views
Encountering error": "Internal Server Error", Code 500 - Okta Authentication Setup with AWS OpenSearch VPC + Nginx Reverse Proxy
I have a AWS Opensearch in VPC network. I am using Nginx reverse proxy to access Opensearch Dashboard (Kibana). My Curent setup is working fine.
I tried to SAML Okta Authentication but getting ...
0
votes
2
answers
119
views
Moodle intergration with ADFS--Plugin SAML2 Single sign on
I recently attempted to integrate ADFS with a Moodle application using the "SAML2 Single Sign-On" plugin maintained by Catalyst IT, version 2022111701 (2022111701). The Moodle version is 4.3 ...
0
votes
0
answers
34
views
How to configure SSO between Sharepoint 2019 onprime and Nintex K2 5.5?
I have a sharepoint 2019 onprim app that uses Nintex K2 forms in Ifram, Everytime the user login to the sharepoint app using his windows creds. the k2 asks to enter the creds again.
So how can we ...
0
votes
0
answers
36
views
Is there any way to login SSO using RestAssured or using any API calls?
I've many automated scenarios and I need to perform SAML SSO login for each scenario execution.
Is there any way to perform this SSO login using any API calls or RestAssured instead of having it on ...
1
vote
2
answers
161
views
Firebase Authentication SAML resource metadata file
We are using Firebase Authentication. A customer wants SSO access over SAML to our application. They use Open Athens as their identity provider. Now I've setup their SAML provider and sent them the ...
1
vote
0
answers
32
views
How to add ForceAuthn flag on AWS cognito
I'm using AWS cognito as SP while using SAML with other Idps. I want for specific customer to use ForceAuthn to enforce login in every authentication. How can I do that with AWS cognito?
And could it ...
0
votes
0
answers
94
views
what should I do about the error in the Keycloak and ADFS application "Client does not have a public key"?
I have Keycloak 23.0.4 configured with ADFS (SAML) as an IDP.
The mappings are configured so that from ADFS I receive data about email, first name, last name, as well as which groups the AD user ...
0
votes
1
answer
46
views
openliberty saml group mapping not working
I'm testing the openliberty feature SAML Web Single Sign-On 2.0 (https://openliberty.io/docs/latest/reference/feature/samlWeb-2.0.html).
The integration with my IdP works fine for authentication but I ...
0
votes
0
answers
49
views
SimpleSAMLphp response not handled
Have set up a SimpleSAMLphp configuration with correct metadata and login details. We can successfully login to the idp , and we can see responses back from the provider that show the detailed SAML ...
1
vote
1
answer
237
views
Difference between STS and Identity Provider (IdP)
I was trying to implement Ws-Federation protocol for my application. When researching for this STS and IdP are used along with few other buzzwords. I know Federation is between two security realm to ...
0
votes
0
answers
62
views
Single Sign On (Quicklaunch) on React App Using SAML
I have encountered a problem with my React App's single sign-on (SSO) on Quicklaunch. After logging in on Quicklaunch and then it redirects to my React App I get this response.
Cannot POST /sso/login
...
0
votes
0
answers
15
views
Wp_set_auth_cookie whitelisting for miniorange plugin
I'm facing a critical issue with my multisite WordPress setup.
My site employs Miniorange for SAML SSO integration with OKTA.
Excessive binlog creation filled up the drive space, leading to the app ...
0
votes
0
answers
24
views
Key is missing data to perform decryption in Laravel 9
I am implementing SSO SAML in Laravel , I am using onelogin package but I have different IDP provider im getting mentioned error Key is missing data to perform decryption after successful login , let ...
0
votes
0
answers
204
views
Accessing a web page that has SSO/SAML and 2FA enabled from Powershell
We have a remotely-hosted website that uses our company's SSO sign-on via SAML, with two factor authentication (2FA) enabled. I would like to be able to use a local Jenkins agent.jar file to access ...
0
votes
0
answers
155
views
Azure AD SSO with SAML edit Attributes & Claims - Required Claims v's optional claims
When creating a new SSO Enterprise application, for example Palo Alto Global Protect, from the Azure gallery, you get an additional 'Required' claim added to the SAML setup called 'username'
Is it ...
0
votes
0
answers
65
views
After configuring Zendesk Keyclock Saml SSO Integration User sing-in is getting We are sorry ..Page Not found when directing to keyclock login
I use Keyclocak 23.0.3 SAML SSO with Zendesk , I configured the client setting in the realm and so on
The server has : certfication is not valid btw
SAML SSO URL=
https://myserver/auth/realms/newrealm/...
0
votes
0
answers
139
views
Salesforce as IdP error - Invalid HTTP method
I'm completely new to SSO, so please bear with me...
I have built an application (Service Provider) and I want to use Salesforce as the SSO IdP using SAML 2.0.
When being redirected to Salesforce to ...
0
votes
0
answers
28
views
It is possible to create OIDC app in google workspace dashboard?
using "custom SAML app" option in Google admin console. in our company we are able to create SAML app in Google, is there any option we can use OIDC SSO protocol instead of SAML protocol to ...
1
vote
0
answers
74
views
Google workspace SSO authentication with .NET Core
We are trying to build a new application with Google authentication. Here we have to authenticate user credential using google workspace SAML token.
Don't want to use google OAuth from Google cloud. ...
0
votes
2
answers
135
views
Certificate issue in SSO
Im using itfoxtec in order to build a saml identity provider and i copy the code of this repo :
https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/tree/master/test/TestIdPCore
when i use the example ...
0
votes
1
answer
1k
views
Where to get the IDP Metadata url from?
Our customers integrate their SSO (okta/google) with our SaaS.
Now inorder to authenticate them, we do a SAML login.
The crewjam library in golang has the following snippet which asks for metadataUrl :...
0
votes
0
answers
103
views
Azure Enterprise SAML App changing my RelayState URL from HTTPS to HTTP (sometimes)?
I've found various questions here on Azure and SAML RelayState stuff but I haven't found anything specifically on my particular issue. Here are the details:
I have an Azure Enterprise SAML app
I have ...
0
votes
0
answers
24
views
How to validate login credentials on ADFS via POST request
I have a requirement to build an E-Signature tool for a verification purposes in Salesforce (LWC, Apex). It's a simple two input field form where the user has to enter the username and password and ...
0
votes
1
answer
63
views
IdP Vs Authoritative Source Vs SAML Vs SSO in IAM
Could someone please help me to understand the difference among the following entities in IAM with real word examples.
IdP
Authoritative Source
SSO
SAML
OAuth
Thanks
0
votes
1
answer
297
views
Keycloak: Unique SAML endpoint per SAML Client in the same Realm
I'm setting up multiple SAML clients within a single Keycloak realm (Keycloak is the IdP). The idea is to have multiple SAML clients for the same SP within the same realm. SAML client 1 will be used ...
0
votes
0
answers
49
views
How can I obtain a decrypted SAML token from an encrypted SAML token?
I have a client website utilizing ADFS for SSO, and it appears the domain is hosted within the same ADFS instance. When I execute my code, it successfully provides a decrypted SAML token, likely ...
1
vote
1
answer
48
views
How to publish a SAML app to the catalog?
I'm a developer, and I'd like my app to be available in the Google SAML apps catalog.
How can I do that?
I don't find any information about how or who to contact to register my app.
Can you help me?
...
0
votes
0
answers
97
views
SAML response Verifying - Signature verification failed: invalid padding
Facing following issue while verifying the SAML response manually.
Signature verification failed: invalid padding
Sample:
from xml.etree import ElementTree
from signxml import XMLSigner, XMLVerifier
...
1
vote
0
answers
125
views
Flutter and Azure SSO
I am developing a flutter application for my company. In my company, many web applications use Azure SSO and SAML connections, and there is no need to log in repeatedly when switching between sites. I ...
0
votes
1
answer
128
views
Custom AD FS Claim Rule for Email Domain Transformation for Jira Cloud SSO Integration
I'm currently integrating AD FS with Jira Cloud for SSO and facing a challenge with email domain mismatches.
Our Active Directory domain for users is company.local, but our verified domain for Jira ...
4
votes
3
answers
319
views
How to set the JWT token from server
I have a product which is using Angular as Frontend and DRF as backend. It uses JWT tokens for authentication. Currently Im adding SAML SSO to the product, at the acs endpoint Im able to verify the ...
0
votes
1
answer
473
views
Keycloak how to change Forgot Password redirect url
I am using Keycloak for authentication, and I want to configure the Forgot Password feature to redirect users to my password reset website https://mypassport.xxx.com. Could you please guide me on how ...
0
votes
0
answers
175
views
Signature verification failed: invalid padding - Python flask-saml2
In Python SSO, I'm using flask-saml2 library.
I make 'Sign Response As Required' as True and renewal the .pem files.
After that,I am getting following error,
{"message":"Signature ...
1
vote
1
answer
73
views
Idp Initiated sso with Itfoxtec
According to the ItFoxTec documentation, I couldn't find information on implementing IDP-initiated SSO in the library, despite the presence of sample code for SP-initiated SSO.
https://github.com/...
1
vote
1
answer
159
views
How to grant access to salesforce account using sign-in page
I'm working on developing an application that retrieves reports from Salesforce. I aim to create a functionality similar to what can be found on dataloader.io
On this website, they present a ...
0
votes
0
answers
20
views
Redirect user to OneLogin connected/ SSO enabled application from my web application
I have a OneLogin account and have set up Google Worspace (G Suite) and enabled SSO.
I want the users of my web application to directly get redirected to Google Workspace on clicking a button/link on ...
0
votes
1
answer
74
views
Integrating IdentityServer4 with SuiteCRM for SSO Using SAML2 Protocol
I am currently working on a project that involves IdentityServer4 for implementing authentication and authorization services. My IdentityServer is set up to use the OpenID Connect (OIDC) protocol, and ...