SAML AZURE

[emorvan1987]

Debug mode

• [X] I have enabled debug mode
• [X] I have read checked the Common Issues page

Describe the bug

When i tried to connect with my Azure credentials, i have this error message : AADSTS50011: The reply URL 'http://assets.xxx.fr/public/saml/acs' specified in the request does not match the reply URLs configured for the application 'https://assets.xxx.fr/public'. Make sure the reply URL sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/urlMismatchError to learn more about how to fix this

Reproduction steps

1. Configure SAML On Azure through App registration and App Enterprise
2. Configure SAML on SNIPE-IT
3. Add Groups to connect to App Enterprise
4. Connect with Azure Credentials
5. Stay Sign-in
6. Error ...

Expected behavior

In Azure i cannot put http for a reply URL However, Snipe-it asks me to do it

Screenshots

Snipe-IT Version

v6.3.0 build 12490 (g9136415bb)

Operating System

Windows Server 2022

Web Server

Apache

PHP Version

8.1.27

Operating System

Windows 11

Browser

Edge and Firefox

Version

Firefox : 125.0.2 / Edge 124.0.2478.67

Device

No response

Operating System

No response

Browser

No response

Version

No response

Error messages

No response

Additional context

Snipe-IT installed with WAMP

[welcome[bot]]

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

[knd775]

You have to use https for saml to work.

[emorvan1987]

@knd775 Of course i have to use https. Unfortunately, I set https on Azure but snipeIT responds with http.

The request http is set on SnipeIT.

Thank you Regards

[snipe]

You have to use https on your Snipe-IT install then, and make sure the APP_URL is https, not http

[emorvan1987]

Hi @snipe ,

Thank you for your answer. So if i understand well, i need to reinstall SnipeIT or can i change it in a conf file ?

Thank you Regards

[emorvan1987]

Hello,

Could you please tell me if you have any ideas to help me about this issue ?

Thank you Reagrds

[knd775]

You don't need to reinstall. Just change the URL to https wherever you have it configured.

[emorvan1987]

Hello @knd775

Thank you for your reply.

So if i understand well, i need to change the APP_URL with https. However, in my env file, the APP_URL is already on https.

Is it another file where APP_URL is set ?

Thank you Regards

[knd775]

Sorry, but I'm not able to help much beyond that. I run the application in Docker, so how it's configured works a bit differently.

[emorvan1987]

Hello @knd775,

Thank you for your time and your replies.

I hope someone else can help me about it.

[snipe]

Is it another file where APP_URL is set ?

No, it's only set in the .env.

Make sure the URL you're using in Azure for the Snipe-IT endpoint is also https

[emorvan1987]

Hi @snipe,

Thank you for your reply.

Yes in Azure, in app registrations and app enterprise i put https for redirect URL, front-channel logout URL, Application ID URL, SingInURL, identifierURLS.

Thank you for your time to reply me. If you have any others ideas to fix this issue, i will take it ;)

[emorvan1987]

Hello,

Any ideas to help me ? If you need more comprehension we can do a teams meeting

Thank you Regards

[emorvan1987]

Hello

Just to inform you, i tried to reimport XML file and on Azure the reply in https, on Snipe IT the Assertion Consumer Service (ACS) URL is on HTTP

Thank you