I need to add SSO support to our Alibaba account and we use Gsuite as our identity provider, I only see guides for azure directory and OKTA and I can't manage to get Gsuite to work. all I'm getting is:
Error: not_a_saml_app
Provided application is not a SAML app
I'm trying to use Alibaba's CloudSSO service to do this.
Related
I am trying to setup SSO with third party IDPs in Google Workspace admin console.
I am using SAP IAS as an IDP.
It works with the default configuration.
But if i mark the the SAML requests to IDP must be signed in SAP IAS then it fails saying "SAML requests are not signed ".
It seems Google as a service provider does not sign the requests ? is it a correct understanding or is there a way to enable signing of SAML requests in Google workspace admin console ?
Best Regards,
Saurav
When you use Google Workspace as Service Provider with a third-party IdP requests are not signed by default and I am afraid that setting is not available in Google's side at the moment.
I assume by signing both the request and response of your SSO flow you are looking to grant extra security to this process however if you really need to use Google services and the authentication is successful without the setting I would recommend to skip this for now.
Neither in the documentation nor in the Google Admin console section for third-party IdPs SSO you would find it, the setting is simply not there:
Google as Service Provider setup
I hope this information helps!
My requirement is to setup SSO between Salesforce Commerce Cloud B2C and BlackBoard/BrightSPace. Which means Salesforce Commerce Cloud will be IDP.
So when I try to login to BlackBoard/BrightSPace then if should redirected to CommerceCloud for login Authentication.
Please let me know how it is possible.
Hard to achieve, check SAML architecture, you should construct custom endpoints on CC side for that, also use private and public keys / certificates (public key will come from external cloud)
I have my UI application which uses AWS Cognito for user authentication. We have successfully integrated the SAML identity provider in our Cognito UserPool.
Now i want to support SSO using AD FS.
Below is my URL which i can use to ADFS login.
https://adfs.DOMAIN.com/adfs/ls/IdpInitiatedSignOn.aspx
I have read this AWS Doc to configure for any aws management console.
But what steps i should follow to enable this for Cognito.
Any help?
From the Amazon Developer Forums: "Cognito User Pools do not currently support the IdP-initiated SAML flow."
If you are able to use Open-ID rather than SAML you will be able to overcome this issue. If SAML is a must, you may have to wait until support for the IdP-initiated SAML flow is provided.
Azure AD B2C has the concept of Custom Policies, which in theory can be used to connect a B2C tenant to any IdP using SAML (see https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview-custom).
Google's GSuite (org-owned) system can apparently be connected to as an IdP using SAML (only SAML) (see https://support.google.com/a/answer/6087519?hl=en).
Has anyone successfully connected these so that end users could use their GSuite accounts to authenticate to enterprise application with Azure AD B2C in the middle?
thanks!
Martin
B2C supports SAML and through custom policies you can connect to other services and return identities although I have only done this with OIDC as the SAML meta data may be an issue.
A good article here on connecting to SalesForce with SAML is here , so you should be able to change SalesForce for G Suite
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-sf-app-custom
We are trying to leverage BlueID/IBM ID authentication for our application deployed on Bluemix node.js instance. Is it possible to configure the Bluemix SSO service with Blue ID (OpenID) authentication. Right now I see support for SAML, Cloud Directory and some social networks. But I am really interested to know if the SSO service has support to use Blue ID authentication?
Bluemix Single Sign On does not currently support the standards for IBM ID login.