pspete / psPAS

PowerShell module for CyberArk Privileged Access Security REST API
https://pspas.pspete.dev
MIT License
295 stars 91 forks

Use SAMLInteractive authentication, but get [400] Authentication failure #387

Closed aitayi1982 closed 2 years ago

aitayi1982 commented 2 years ago

Describe the issue

I work with SAML authentication, but get error: [400] Authentication failure

To Reproduce

Steps to reproduce the behavior:

  1. $loginURL = "https://pvwa-company/PasswordVault/"
  2. $loginResponse = New-SAMLInteractive -LoginIDP $loginURL
  3. $baseURL = "https://pvwa-company/"
  4. New-PASSession -SAMLAuth -concurrentSession $true -BaseURI $baseURL -SAMLResponse $loginResponse

Expected behavior

I should get PASSession successfully. I can get SAML response, but can not pass authentication.

Screenshots & Console Output


Invoke-PASRestMethod : [400] Authentication failure. Please contact your Administrator.
At line:445 char:19
+                 $PASSession = Invoke-PASRestMethod @LogonRequest
+                               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: ({"ErrorCode":"P...dministrator."}:ErrorRecord) [Invoke-PASRestMethod], Ex
   ception
    + FullyQualifiedErrorId : PASWS035E,Invoke-PASRestMethod


pspete commented 2 years ago

You should find additional detail behind the generic error message being returned in your pvwa logs.

jessegri commented 2 years ago

I'm seeing the same error with PowerShell 5.1 and psPAS 5.2.52 and CyberArk v10

Category   : NotSpecified
Activity   : Invoke-PASRestMethod
Reason     : Exception
TargetName : {"ErrorCode":"PASWS035E","ErrorMessage":"Authentication failure. Please contact your Administrator."}
TargetType : ErrorRecord

pspete commented 2 years ago

@jessegri , Check pvwa logs to identify underlying cause.

pspete commented 2 years ago

@jessegri , @aitayi1982 - any further details in the logs which could help?

TimmyMahood commented 1 year ago

I'm also getting the same issue, only difference is I'm using the getSAMLResponce Executable to get the token, which appears to be working.

Expanding the full error from PS I get:

PSMessageDetails      :
Exception             : System.Exception: [400] Authentication failure. Please contact your Administrator.
                           at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
TargetObject          : {"ErrorCode":"PASWS035E","ErrorMessage":"Authentication failure. Please contact your Administrator."}
CategoryInfo          : NotSpecified: ({"ErrorCode":"P...dministrator."}:ErrorRecord) [Invoke-PASRestMethod], Exception
FullyQualifiedErrorId : PASWS035E,Invoke-PASRestMethod
ErrorDetails          :
InvocationInfo        : System.Management.Automation.InvocationInfo
ScriptStackTrace      : at Invoke-PASRestMethod, : line 296
                        at New-PASSession, : line 451
                        at , : line 1
PipelineIterationInfo : {}

The PVWA log reports these lines:

WARN  [39]   9eaea61a-6a73-4c09-a5e0-8bafab8bdaff Logon Response:: Code: 400. Content: {"ErrorCode":"PASWS035E","ErrorMessage":"Authentication failure. Please contact your Administrator."}  [AuthController]

DEBUG [39]   9eaea61a-6a73-4c09-a5e0-8bafab8bdaff EPVAN040D Disabling HTTP cache  []

INFO  [39]   9eaea61a-6a73-4c09-a5e0-8bafab8bdaff EndRequest /PasswordVault/api/auth/SAML/Logon | code: 400  [up]
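
An added example, not part of the thread and not psPAS or CyberArk code: one way to pull every PVWA log line that shares a request ID with a failed call to /api/auth/SAML/Logon, so that everything logged for that request can be read together. The helper name Get-FailedSamlLogonTrace is hypothetical, and the line layout (level, bracketed number, request GUID, message) is assumed from the three log lines quoted above.

```powershell
# Added example. The sample lines are the three PVWA log lines quoted in this
# thread; the field layout is inferred from them and may differ in a full log.
$sampleLog = @'
WARN  [39]   9eaea61a-6a73-4c09-a5e0-8bafab8bdaff Logon Response:: Code: 400. Content: {"ErrorCode":"PASWS035E","ErrorMessage":"Authentication failure. Please contact your Administrator."}  [AuthController]
DEBUG [39]   9eaea61a-6a73-4c09-a5e0-8bafab8bdaff EPVAN040D Disabling HTTP cache  []
INFO  [39]   9eaea61a-6a73-4c09-a5e0-8bafab8bdaff EndRequest /PasswordVault/api/auth/SAML/Logon | code: 400  [up]
'@ -split "\r?\n"

function Get-FailedSamlLogonTrace {
    # Hypothetical helper: returns every parsed line whose request GUID belongs
    # to a SAML logon request that ended with a 4xx or 5xx status code.
    param(
        [Parameter(Mandatory)][string[]]$Line
    )
    # Not anchored at line start, so a leading timestamp (if present) is tolerated.
    $pattern = '(?<Level>[A-Z]+)\s+\[\d+\]\s+(?<RequestId>[0-9a-fA-F-]{36})\s+(?<Message>.*)$'
    $parsed = foreach ($l in $Line) {
        if ($l -match $pattern) {
            [pscustomobject]@{
                Level     = $Matches.Level
                RequestId = $Matches.RequestId
                Message   = $Matches.Message.Trim()
            }
        }
    }
    # Request IDs whose EndRequest line is the SAML logon endpoint with an error code.
    $failed = $parsed |
        Where-Object { $_.Message -match 'EndRequest\s+\S*/api/auth/SAML/Logon\s+\|\s+code:\s+[45]\d\d' } |
        Select-Object -ExpandProperty RequestId -Unique
    # Emit all lines for those requests, in original order.
    $parsed | Where-Object { $failed -contains $_.RequestId }
}

Get-FailedSamlLogonTrace -Line $sampleLog | Format-List
```

To run it against a real log, pass the file's lines instead of the sample, for example `-Line (Get-Content <path to PVWA log>)`.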

valleskey commented 5 months ago

Anyone have a resolution to this? This recently just started happening.