# fleet
w
I'm trying to set up SAML using authentik (https://goauthentik.io/), but when I click the SSO button, I get a 405 error when redirecting back to Fleet. I can't seem to find anything in the logs, but I'm not entirely sure what to look for. I have the NameID set to user Email, the ACS set correctly, and the Service Provider Binding set to Redirect; using Post just puts me back at the login screen for Fleet.
z
Anything in the Fleet server logs? Network inspector on the browser?
w
The main error I'm seeing now is:
"signature validation failed: signing verification failed: Missing signature referencing the top-level element","level":"info","method":"CallbackSSO"
which I imagine is a certificate error, as the cert I have in authentik is auto-generated. I'll need to switch it out to match my self-signed CA.
z
The IdP metadata you put into Fleet ought to include the certificate information. Self-signed should be fine.
w
Hm, OK, I'll have to double-check some things then.
Hm, taking another look, I seem to have everything right, now with a good cert, and I'm still getting 405 errors, but in the logs all I'm getting is logs like:
{"component":"service","err":null,"level":"info","method":"InitiateSSO","took":"5.093856ms","ts":"2021-05-24T17:58:27.619676Z"}
{"component":"service","err":null,"level":"info","method":"SSOSettings","took":"1.979558ms","ts":"2021-05-24T17:58:30.933356736Z"}
{"component":"service","err":null,"level":"info","method":"SSOSettings","took":"960.833µs","ts":"2021-05-24T17:58:31.254117062Z"}
Actually, I got it working. I had to change the Service Provider Binding from Redirect to Post.