jeremyschulman / netbox-plugin-auth-saml2

Netbox plugin for SSO using SAML2

Unable to get redirect working #65

Closed UntestedEngineer closed 1 year ago

UntestedEngineer commented 1 year ago

I am running netbox with netbox-plugin-auth-saml2 in a container (built from the latest PIP packages of the required saml2 libraries). I have also installed the required django3-auth-saml2. I am trying to integrate with Google SAML as an IdP. I am able to get the IdP redirect upon login and successfully authenticate; however, when the /sso/acs/ redirects back from the IdP, the application does not work. I have configured a proper path replace via Traefik to look for /sso/acs and redirect to:

    replacePath:
      path: /api/plugins/sso/

The problem is that when the /sso/acs/ redirect takes from Traefik, the netbox application cannot find the page and responds with:

/api/plugins/sso/ The requested page does not exist.

I even tried using the native /sso/acs/ URL directly into netbox; however, that results in a consistent login loop back to the netbox login page.

UntestedEngineer commented 1 year ago

Figured this out. I think the original documentation for the redirect is a bit misleading. After I dug through the Python files in the plugin, I found that the redirect needs to occur for:

    replacePath:
      path: /api/plugins/sso/acs/

If you leave out the ACS extension in the redirect, netbox responds with a 404 not found.
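
The fix described in this thread, shown in context as an added example (not part of the original comments or the plugin's documentation): a Traefik dynamic configuration for the file provider that rewrites only the SAML assertion consumer path. The hostname, entry point name, router, middleware and service names, and the backend URL are assumptions to replace with your own.

```yaml
# Added example: Traefik dynamic configuration (file provider).
# All names, the hostname and the backend URL below are placeholders.
http:
  routers:
    netbox-saml-acs:
      # Match only the exact ACS path the IdP posts back to, so that
      # no other request is rewritten into the plugin API.
      rule: "Host(`netbox.example.com`) && Path(`/sso/acs/`)"
      entryPoints:
        - websecure          # assumed entry point name
      middlewares:
        - saml-acs-rewrite
      service: netbox
      tls: {}

  middlewares:
    saml-acs-rewrite:
      replacePath:
        # The target must include the trailing acs/ segment.
        # Per the thread, /api/plugins/sso/ alone makes netbox
        # answer with a 404.
        path: "/api/plugins/sso/acs/"

  services:
    netbox:
      loadBalancer:
        servers:
          - url: "http://netbox:8080"   # assumed container address
```

The ACS URL registered with the IdP stays the public `/sso/acs/` address; only the path forwarded to netbox changes.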