SAML configuration with NameID as unspecified

Hi All,
For SAML configuration, what parameter to be used instead of persistent,
attributes.principal: "nameid:persistent"

In Azure it is 'unspecified' or emailaddress

You can use attributes.principal: nameid ,this is also covered in our documentation

Thanks @ikakavas.
I tried with attributes.principal: "nameid" but didnt worked.
So i Used : attributes.principal: ""

Browser Asks to save SAML response.

F12 Developer Tools -
Response Body -
{"statusCode":401,"error":"Unauthorized","message":"[security_exception] unable to authenticate user [] for action [cluster:admin/xpack/security/saml/authenticate], with { header={ WWW-Authenticate={ 0="Bearer realm=\"security\"" & 1="ApiKey" & 2="Basic realm=\"security\" charset=\"UTF-8\"" } } }"}

ES Logs :
"[WARN ][o.e.x.s.a.AuthenticationService] [SA145] Authentication to realm saml1 failed - Provided SAML response is not valid for realm saml/saml1 (Caused by ElasticsearchSecurityException[SAML content is in-response-to _afe391812ba357beef3a6c11113b8b80f4bbd1c5 but expected one of ])"

Not getting whats going wrong here here.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.