Devise+ Device_saml_authenticable + missing callback handler ?

[CR1AT0RS]

Hey,

I am trying to add SSO via an SAML app from g-suite. Do I need to configure three gems ?

1. Devise
2. Omniauth-saml
3. devise_saml_authenticatable

Because after setting basic devise and devise_saml_authenticatable I am not sure what's the best way to configure callback url handler.

I am getting this error:

Routing Error
No route matches [POST] "/auth/saml/callback"

I understand that the callback class is missing but in documentation it missed the point where to setup the callback handler.

[adamstegman]

You shouldn't need omniauth-saml unless you're using omniauth. Since you're using devise, this gem is what you need.

By "callback url handler," I'm guessing you mean where the IdP sends you once you're logged in? That would be https://<your domain>/users/saml/auth. You can see some examples in our wiki for OneLogin and Okta.

You're right that's missing from the README. I'm not certain how to document these endpoints since each provider seems to have its own terminology, but I'll see if I can put something together.

[adamstegman]

I added a section about configuring the IdP: https://github.com/apokalipto/devise_saml_authenticatable/blob/master/README.md#configuring-the-idp

[CR1AT0RS]

@adamstegman Thanks that definitely helped.

[CR1AT0RS]

If someone is getting the same /auth/callback error that means your Entity ID in google app is not set correctly. I am attaching an image to help people set this up. There's a lot of confusion floating around 🍡

@adamstegman can we add this in documentation too. It's gonna be very useful for people who are new here.

[adamstegman]

Sure, would you mind creating a wiki page for your IdP and including that image? I'm not familiar with that provider.