hogbinj
(James Hogbin)
December 3, 2018, 1:58pm
1
I've set up my SAML authentication. Login works like a champ now, however the logout is stuck in a loop, as set out in theSAML Logout section
I'm testing Okta & OneLogin and both need the Logout to be signed.
How do you get Elastic cloud to do this?
James
hogbinj
(James Hogbin)
December 3, 2018, 2:33pm
2
OK.
So on further exploration, Okta needs signatures, one login doesn't
So here is how I configured onelogin if anybody else is struggling:
Use the SAML Test Connector (Advanced) App
RelayState: [Blank]
Audience: https://[uuid].europe-west1.gcp.cloud.es.io:9243/
Recipient: https://[uuid].europe-west1.gcp.cloud.es.io:9243/api/security/v1/saml
ACS (Consumer) URL Validator: ^https:\/\/[uuid].europe-west1.gcp.cloud.es.io:9243\/api\/security\/v1\/saml*
ACS (Consumer) URL: https://[uuid].europe-west1.gcp.cloud.es.io:9243/api/security/v1/saml
Single logout URL: https://[uuid].europe-west1.gcp.cloud.es.io:9243/logout
Login URL: https://[uuid].europe-west1.gcp.cloud.es.io:9243/api/security/v1/saml
SAML Not valid before: 3
SAML not valid on or after: 3
SAML initiater: Service Provider
SAML nameID format: Persistent
SAML issuer type: Specific
SAML signature element: Response
Encrypt assertion : NOT checked
zanbel
(Roy Zanbel)
December 6, 2018, 12:09pm
3
@hogbinj thanks for letting us know!
We will further investigate and work towards fixing this issue.
system
(system)
Closed
January 3, 2019, 12:10pm
4
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.