SimonChou-17LIVE
commented
3 years ago Hi all, I solved my issue, my solution is chagned "Name ID Format" to "EmailAddress" and add "email" which value is "user.email" to "ATTRIBUTE STATEMENTS"
Open SimonChou-17LIVE opened 3 years ago
SimonChou-17LIVE
commented
3 years ago Hi all, I solved my issue, my solution is chagned "Name ID Format" to "EmailAddress" and add "email" which value is "user.email" to "ATTRIBUTE STATEMENTS"
Hi, I am using okta SSO -saml2.0 in my stf, but I meet some situations, it blocked us to use STF
What is the issue or idea you have?
Do you see errors or warnings in the
stf localoutput? If so, please paste them or the full log here. stf logs show: 2021-10-12T06:36:26.467Z WRN/auth-saml2 16538 [*] Missing email in profile { issuer: { _: 'http://www.okta.com/exk43qcas7J6dWfTS696', '$': { Format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity', 'xmlns:saml2': 'urn:oasis:names:tc:SAML:2.0:assertion' } }, sessionIndex: '_de1281da468bd8d62272', nameID: 'acertalk01@cool.fr.nf', nameIDFormat: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', nameQualifier: undefined, spNameQualifier: undefined, getAssertionXml: [Function] }** expected behavior "" After login in okta, web page can redirect to stf device list page
Please provide the steps to reproduce the issue.
Create saml app
Executed command: stf local --auth-type saml2 \ --auth-options '[ "--saml-id-provider-entry-point-url","https://cool-frstfttt.okta.com/app/cool-frstfttt_openstftest_1/exk43qcas7J6dWfTS696/sso/saml", "--saml-id-provider-issuer","http://www.okta.com/exk43qcas7J6dWfTS696", "--saml-id-provider-callback-url","http://localhost:7100/auth/saml/callback" ]'
My workspace environment Mac OS Big sur