You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have spent far too long trying to get this to work, so I wanted to reach out to the community and see if I am missing something. I have been successful in using OAuth, but for the life of me I cannot get this to work with SAML. Before I continue, I wanted to see if what I am attempting to do is possible.
I have setup (perhaps incorrectly) a SAML Source under "Federation and Social login", much like I did with OAuth. After selecting the source for the "default-authentication-identification" stage, I am then presented with the option to use the source to login. However, it doesn't work. I can see in the sign-in logs in Azure that the authentication request was successful, but the redirect back to Authentik results in a "Permission Denied" error and the message "Request to authenticate with NuSol Azure AD SAML has been denied. Please authenticate with the source you've previously signed up with."
How this worked with OAuth was very simple and worked like a charm. However, I am now starting to suspect that this will not work using SAML. Before I continue, can anyone confirm whether what I am trying to do is possible? The flow makes sense with OAuth, but I am utterly confused by SAML. With OAuth I can select the OIDC sources for use with the proxy provider, but I cannot do the same with SAML. There doesn't appear to be a way to configure a Proxy to use a SAML source. If this is the case, then I am barking up the wrong tree.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I have spent far too long trying to get this to work, so I wanted to reach out to the community and see if I am missing something. I have been successful in using OAuth, but for the life of me I cannot get this to work with SAML. Before I continue, I wanted to see if what I am attempting to do is possible.
I have setup (perhaps incorrectly) a SAML Source under "Federation and Social login", much like I did with OAuth. After selecting the source for the "default-authentication-identification" stage, I am then presented with the option to use the source to login. However, it doesn't work. I can see in the sign-in logs in Azure that the authentication request was successful, but the redirect back to Authentik results in a "Permission Denied" error and the message "Request to authenticate with NuSol Azure AD SAML has been denied. Please authenticate with the source you've previously signed up with."
How this worked with OAuth was very simple and worked like a charm. However, I am now starting to suspect that this will not work using SAML. Before I continue, can anyone confirm whether what I am trying to do is possible? The flow makes sense with OAuth, but I am utterly confused by SAML. With OAuth I can select the OIDC sources for use with the proxy provider, but I cannot do the same with SAML. There doesn't appear to be a way to configure a Proxy to use a SAML source. If this is the case, then I am barking up the wrong tree.
Beta Was this translation helpful? Give feedback.
All reactions