I have a perspective project in ver 8.1.0 that is set to use a newly created Identity Provider (of type ‘Ignition’), but when launching a session, it will not use the new IdP, only the default one. The URL of the login page is mydomain.net/idp/default/authn/login?..
I’m expecting to see mydomain.net/idp/new_idp/authn/login?..
The project has its own:
- User Source (using the projects Database)
- Ignition type ID Provider (using the above User Source)
Both the above ID Provider and User Source are shown to be configured in the Security Settings of the Designer Project Properties configuration.
The test login succeeds and gives the proper response
…and lists the authenticated Role.
I’m seeing no exceptions in the logs.
Anyone have any ideas what I’m missing?? I’m pretty sure if it would just use the new IdP it would work fine, it just isn’t using it.
I talked with Tech Support a while back on this and for some reason, the ‘child’ project is inheriting the default IdP, and so far, I have not been able to get it not to. I would think that wouldn’t even matter, as the setting should be overridden in the last project level. I’ve even rebuilt the entire Parent/Child inherited project structure, and for some reason, I cannot override the IdP in the project settings.
Do you have an Identity Provider set in Designer Project Menu > Properties > Perspective > General? If so, reset that setting to “None” and save. That setting will disappear and the one in Project Menu > Properties > Project > General should now be used instead going forward. There’s a small blurb about this in the docs here: https://docs.inductiveautomation.com/display/DOC81/Perspective+Project+Properties
The old setting in the Perspective > General got moved to Project > General in 8.0.6 in anticipation that vision would also need a Project IdP setting. We keep the old setting around and it takes precedence in Perspective over the new setting for as long as you keep it set in order to maintain backwards compatibility, but sometimes it does cause this kind of confusion.
Thanks @jspecht! That did it.