Question

SAML login problem

0

In a Mendix app we use the SAML module from Mendix and it works fine most of the times. However there are some users that can't login sometimes. These users can login most of the time so there is nothing wrong with the accounts. This problem happens in multiple browsers. I notice that when a user can't login the principal (user id) is empty in the SAML request. In the log in Mendix or SAML module is nothing to find about this bug. Has someone an idea for a solution?

asked 2024-09-23

Jelle van Bree

3 answers

Kiran Nemade · Answer 1 · 2024-09-23

Hi,

I think there might be some problem with the Claims. You can use SAML Tracer plugin for chrome and edge and track what is going wrong.

Ronald Catersels · Answer 2 · 2024-09-23

Did you set context classes? That in combination with using MFA on their end could be cause. I always ask if they have an MFA setup on their end and then I set no context classes on my end because it is then all up to the IdP.

Regards,

Ronald

Jelle van Bree · Answer 3 · 2024-09-24

No, we use one instance. I discovered that there are more apps with this problem, also outside the organisation with another IdP.