SAML Plugin Configuration

Hi Team,
We are in the process of configuring the SAML plugin to authenticate. We have also configured the Identity Provider settings.
The entityID in the SP metadata XML is entityID=“https://xxxxxxxx/piwik/index.php?module=LoginSaml&action=metadata”>

Authentication is failing because of the & in the entityID. How can we configure the entityID in the metadata XML?
Please suggest!!!

Hi,

Can you please supply any errors you are seeing and your identity provider to shop@innocraft.com?

Thanks

Hi,
You mean the Identity Provider entity ID, SSO service URL, etc.? This data is confidential.

Hi,

No, we just need your Identity Provider, such as OneLogin etc., and the error codes you are seeing. Can you please send this information to shop@innocraft.com?

Thanks

Hi Jason,
Ours is based on the products of ForgeRock https://www.forgerock.com/, especially on OpenAM, which manages the authentication.
I don't see any error in SAML.log… except this line: “Initiated the Single Sign On, Redirecting to the IdP”.
Can you please let me know if you need any other info?

You can modify the Entity ID of the SP in the advanced settings of the SAML plugin.

Hi Jason,
I have enabled debug mode and given the entity ID. I still don't see any error in SAML.log. SAML login redirects to our authentication page with the below error. Can the entity ID be in URL format or any other format?

Hi,

Can you please tell me what version of Matomo you are using at the moment?

Thanks,

Hi Jason,
I replied to you by mail about this question a few days back. We are using Matomo 3.5.1.

Hi,

Sorry, we don’t seem to have received this email. Could you upgrade your Matomo to the latest version, as well as the plugin?

Let me check on the upgrade part. But 3.5.1 is also pretty much the latest version, right…

Hi,

The latest Matomo version is 3.6.0; the plugin is at 3.1.0.

Thanks

Hi Jason,

SAML is properly configured now with the IdP settings. But SAML login gives the following error.

A fatal error occurred

Please contact the system administrator, or login to Matomo to learn more.

If you are Super User, but cannot login because of this error, you can still troubleshoot further. Follow these steps:

  1. open the config/config.ini.php file and look for the salt value under [General] .
  2. edit this current URL you are viewing and add the following text (replacing salt_value_from_config by the salt value from the config file):

index.php?i_am_super_user=salt_value_from_config&....

Invalid SAMLResponse. The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext

The SAML Issuer coming in the SAML response (in the POST request) is wrong. The advanced SP entity ID is set to the correct value in settings.
How can this value be changed?

Hi,

Sorry for the delay in getting back to you. Can you confirm your Matomo and SAML version?

Thanks,

I am also getting the same error after ADFS redirection. My Matomo version is 3.12.o

After following the steps, I am getting the below error.
SAML Response not found, Only supported HTTP_POST Binding

That error is thrown when the Magento Assertion Consumer endpoint is loaded and no SAMLResponse POST parameter is provided by the Identity Provider.

You need to verify that the IdP is configured to use HTTP-POST binding for the SSO flow. A good way to validate this is by installing the SAMLTracer tool and checking that what was sent to the AssertionConsumerService endpoint was a POST.

You provided by email an example of the AuthNRequest sent by Magento and the SAMLResponse replied by the IdP, so I believe the HTTP-POST binding was not used, and instead the HTTP-Redirect binding was used.

We’ll continue to help by email since you also reached out there. Thanks!
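
The check described in the reply above (did the IdP actually POST a SAMLResponse to the AssertionConsumerService endpoint, and what status did it carry?), as an added example that is not part of the thread or of the plugin's code. The function names and the sample message are constructed for illustration; the input is one request captured with a tool such as SAMLTracer.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode

SAMLP = "{urn:oasis:names:tc:SAML:2.0:protocol}"
STATUS = "urn:oasis:names:tc:SAML:2.0:status:"

def inspect_acs_request(method, query_string, body):
    """Return (binding, status_codes) for one captured request to the ACS URL."""
    form = parse_qs(body) if method.upper() == "POST" else {}
    query = parse_qs(query_string)
    if "SAMLResponse" in form:
        binding = "HTTP-POST"
        xml = base64.b64decode(form["SAMLResponse"][0])
    elif "SAMLResponse" in query:
        # HTTP-Redirect carries base64 of raw-DEFLATE data in the URL,
        # so an SP that only reads POST parameters sees no response at all.
        binding = "HTTP-Redirect"
        xml = zlib.decompress(base64.b64decode(query["SAMLResponse"][0]), -15)
    else:
        return "none", []
    if b"<!DOCTYPE" in xml:
        raise ValueError("DTD in SAML message, refusing to parse")
    root = ET.fromstring(xml)
    # Nested StatusCode elements: top-level code first, then the sub-code.
    return binding, [e.get("Value") for e in root.iter(SAMLP + "StatusCode")]

# Constructed sample message with the status pair quoted in the thread.
SAMPLE = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="_constructed" Version="2.0"><samlp:Status>'
    f'<samlp:StatusCode Value="{STATUS}Requester">'
    f'<samlp:StatusCode Value="{STATUS}NoAuthnContext"/>'
    '</samlp:StatusCode></samlp:Status></samlp:Response>'
).encode()

def as_post_body(xml):
    """Encode a message the way an HTTP-POST binding form would carry it."""
    return urlencode({"SAMLResponse": base64.b64encode(xml).decode()})

def as_redirect_query(xml):
    """Encode a message the way an HTTP-Redirect binding URL would carry it."""
    deflated = zlib.compress(xml)[2:-4]  # strip zlib header and checksum
    return urlencode({"SAMLResponse": base64.b64encode(deflated).decode()})

if __name__ == "__main__":
    print(inspect_acs_request("POST", "", as_post_body(SAMPLE)))
    print(inspect_acs_request("GET", as_redirect_query(SAMPLE), ""))
    print(inspect_acs_request("GET", "", ""))
```

A result of `HTTP-Redirect` or `none` corresponds to the "SAML Response not found, Only supported HTTP_POST Binding" error; a result of `HTTP-POST` with a non-Success status list corresponds to the "Invalid SAMLResponse" error.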

Hi there,
Just to let you know that we encountered the same issue with Matomo 4.4.1 and SAML Plugin 4.0.3.
The workaround on our side has been to fix the IdP registry to take this case into account.
Cheers, Alice
