grafana / django-saml2-auth

Django SAML2 Authentication Made Easy. Easily integrate with SAML2 SSO identity providers like Okta, Azure AD and others.

How to debug an issue: [django_saml2_auth.utils.handle_exception] 'UserName' #317

Closed seungwooc-23 closed 4 months ago

seungwooc-23 commented 4 months ago

Hello, I'm experiencing a "Sorry, you are not allowed to access this app, Error code: 1103" error after receiving a SAML2 response from my identity provider. I see `UserName` in the Attributes section of my SAML response. I'm hoping to get guidance on how to troubleshoot this issue.

The following is the current saml2 auth config for my django app:

    SAML2_AUTH = {
        "METADATA_AUTO_CONF_URL": f"https://<idp hostname>/sso/saml/metadata",
        "DEFAULT_NEXT_URL": "/admin",
        "ATTRIBUTES_MAP": {
            "email": "Email",
            "username": "UserName",
            "first_name": "FirstName",
            "last_name": "LastName",
            "okta_groups": "OktaGroups",
        },
        "NEW_USER_PROFILE": {
            "USER_GROUPS": [],
            "ACTIVE_STATUS": True,
            "STAFF_STATUS": True,
        "SUPERUSER_STATUS": False,
        },
        "TRIGGER": {
            "CREATE_USER": "<create user hook>",
            "BEFORE_LOGIN": "<before login hook>",
        },
        "ENTITY_ID": f"https://{site_hostname}/saml2_auth/acs/",
        "TOKEN_REQUIRED": False,
        "DEBUG": True,
    }

FYI @mostafa

seungwooc-23 commented 4 months ago

Closing because the bug was in the post-saml2 auth.