SAML SSO is killing me

I have been spending weeks racking my brain on this. I cannot figure out Azure SSO with SAML for the life of me. This is also the only vendor I’ve seen that doesn’t have their own instructions for building their app.

this I rebuilt an entirely new app using Microsoft SAML instructions.

Register a SAML app - Microsoft Entra External ID | Microsoft Learn

Imported using your instructions

I have roles, I have users assigned to the roles. I have a groups claim. WTF is going on ?!?!?!?! Where do we look for errors?

I’ve implemented several SAML applications, and Ignition is by far the easiest. Looking at your screenshot, I would suggest disabling certificate signature verification.

Thank you. Thank got response. Now I just can’t seem to get the roles going. What kind of group claim do I need?

Start by looking one tab to the left, do you see any IDP response data that matches your desired roles?

You have to:

  1. create security levels
  2. define security level rules that match your needs

Everything is in the docs

1 Like

I think my issue is the user mappings. I’m a network engineer who knows Azure that is helping out our automation engineer, so I’m a little lost on what to do here. My software skills are not the best.

I’m using this statement for all of the direct mappings, which I’m sure is not correct

/saml2p:Response/saml2:Assertion/saml2:Subject/saml2:NameID/text()

What do I need to use for

Firstname

Lastname

email

roles

for a path or where can I find that?

So that’s the issue. I don’t understand the docs. I am not a software person. I think in binary, hexadecimal, and network engineering. This is literal gibberish to me. That is why I need help.

You might also try going through the videos that walk you through it.

Here's the attribute mapping portion of the manual for v8.1 also:

2 Likes
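
The mapping question above, as an added example that is not part of the original thread and is not Ignition's own code: it evaluates paths written in the same style as the NameID path quoted in the thread against a SAML response, so you can see which value each mapping would pick up. The sample response and its values are constructed, and the claim URIs are the ones Entra ID emits by default for given name, surname, email address, roles and groups; the names your IdP actually sends should be read from the IdP response data of a test login.

```python
import xml.etree.ElementTree as ET

# Prefixes bound the same way as in the path quoted in the thread.
NS = {"saml2p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml2": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
ROLE = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
GROUPS = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"

# Constructed sample response (trimmed, unsigned); all values are made up.
SAMPLE = f"""<saml2p:Response xmlns:saml2p="{NS['saml2p']}" xmlns:saml2="{NS['saml2']}">
 <saml2:Assertion>
  <saml2:Subject><saml2:NameID>jdoe@example.com</saml2:NameID></saml2:Subject>
  <saml2:AttributeStatement>
   <saml2:Attribute Name="{CLAIMS}givenname"><saml2:AttributeValue>Jane</saml2:AttributeValue></saml2:Attribute>
   <saml2:Attribute Name="{CLAIMS}surname"><saml2:AttributeValue>Doe</saml2:AttributeValue></saml2:Attribute>
   <saml2:Attribute Name="{CLAIMS}emailaddress"><saml2:AttributeValue>jdoe@example.com</saml2:AttributeValue></saml2:Attribute>
   <saml2:Attribute Name="{ROLE}">
    <saml2:AttributeValue>Operator</saml2:AttributeValue>
    <saml2:AttributeValue>Administrator</saml2:AttributeValue>
   </saml2:Attribute>
  </saml2:AttributeStatement>
 </saml2:Assertion>
</saml2p:Response>"""

def attribute_path(claim_name):
    """Path to one named attribute, in the style of the thread's NameID path."""
    return ("/saml2p:Response/saml2:Assertion/saml2:AttributeStatement/"
            f"saml2:Attribute[@Name='{claim_name}']/saml2:AttributeValue/text()")

def evaluate(xml_text, path):
    """Return every text value the path selects; an empty list means no match."""
    prefix, suffix = "/saml2p:Response/", "/text()"
    if not (path.startswith(prefix) and path.endswith(suffix)):
        raise ValueError("expected a path of the form /saml2p:Response/.../text()")
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["saml2p"]:
        raise ValueError("document root is not a SAML 2.0 Response")
    # ElementTree supports only a subset of XPath: search relative to the root.
    rel = "./" + path[len(prefix):-len(suffix)]
    return [el.text for el in root.findall(rel, NS)]

if __name__ == "__main__":
    nameid = "/saml2p:Response/saml2:Assertion/saml2:Subject/saml2:NameID/text()"
    print("NameID path ->", evaluate(SAMPLE, nameid))
    for label, claim in [("first name", CLAIMS + "givenname"), ("last name", CLAIMS + "surname"),
                         ("email", CLAIMS + "emailaddress"), ("roles", ROLE), ("groups", GROUPS)]:
        print(label, "->", evaluate(SAMPLE, attribute_path(claim)))
```

Against this sample the NameID path always returns the subject identifier, the roles path returns one value per role, and the groups path returns nothing because the sample carries no groups attribute.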