We are wanting to use SAML to authenticate users on our domain to a Mendix app. We have this working on an older version of Mendix 8 that has the SAML ad LDAP modules, although i believe the LDAP module is not needed when using Mendix 9…? As far as i can tell the Mendix side it configured correctly and i’ve been told the IDP has the same settings as the other config that is working, however, we are having issues… The IDP is an F5 appliance, which we seem to be able to login through but then get forced to a page ending /SSO… i’m sure i read if you leave the constants blank that anything to /SSO will get redirected to index.html/login.html….. Also, when looking at the Documentation for SAML it refers to settings for things like User Entity, User Action, Identifying Assertion…. i dont get any of these settings when going through the config… Are we completely missing something here… it is not something we have done ourselves before and was told it is very quick to setup and get working, but seem to be anything but that…. any advise would be greatly appreciated.
SAML can indeed be tricky to set up properly.
Usually, you place a meta refresh tag on your default login.html page in the theme folder or a button on the login page to link to the /SSO. The meta refresh tag might be causing your user to end up on the /SSO ‘page’. The /SSO request handler will look for a configured (active) IDP and use that for authentication. Looks like that's not the case in your app as the user ends there? Did you configure the after startup microflow?