Jump to content

Search the Community

Showing results for tags 'saml2'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Essentials
    • Announcements
  • Passwordstate 9.x
    • General Support
    • General Hints and Tips
    • Known Issues
    • Installing Passwordstate
    • Feature Requests
    • Feature Requests - Completed
    • 3rd Party Hardware/Software Knowledge Forum
  • Knowledge Base
    • General FAQs
    • Password Resets
    • Remote Session Launcher
    • App Server
    • Passwordstate API
    • Browser Extensions
    • Password Reset Portal
  • Passwordstate 8.x
    • General Support
    • Feature Requests - Completed

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL





Google Plus Account







Found 5 results

  1. Hi all, Has anyone had any success setting up G Suite as an identity provider for Passwordstate? We're about to commence our own testing with it but would love to see any guidance if someone else has already had some luck with it. Thanks in advance Olivia
  2. I'm having great difficulty with passwordstate talking to Okta, and the example config in the password state docs for Okta is greatly lacking (missing 80% of the config values). What happens is when I visit our local password state, it goes off to Okta, verifies, go back to passwordstate which then fires off to Okta again, etc etc etc Here is the config I currently have: What the heck am I missing? Plus where the heck in passwordstate can I see what I assume are the failed assertions? OKTA CONFIG Single sign on URL: https://internal.pstate.example.com/logins/saml/default.aspx Use this for Recipient URL and Destination URL: YES Allow this app to request other SSO URLs: NO Audience URI (SP Entity ID): https://internal.pstate.example.com/ Default RelayState: https://internal.pstate.example.com/logins/saml/default.aspx Name ID format: Unspecified Application username: AD user principal name Update application username on: Create and update Response: Signed Assertion Signature: Signed Signature Algorithm: RSA-SHA1 Digest Algorithm: SHA1 Assertion Encryption: Unencrypted Enable Single Logout: NO Assertion Inline Hook: None (disabled) Authentication context class: PasswordProtectedTransport Honor Force Authentication: Yes SAML Issuer ID: http://www.okta.com/${org.externalKey} ----------------------- PASSWORDSTATE CONFIG Select which field in Passwordstate you want to compare against the SAML Response's Name Identifier - NameID: UserPrincipalName After SAML Authentication: -- Select Authentication Option -- (ie nothing) X.509 Cert: <from Okta > Certificate Type: SHA1 IDP Target URL https://company.okta.com/app/xxxxxxxxxxxxxxxxxxxxxx_passwordstate_1/exk1123123123123bks4x7/sso/saml IDP Issuer URL: http://www.okta.com/exk123123123123 ------------------------------ WHAT HAPPENS when you visit https://internal.pstate.example.com/ GET to https://company.okta.com/app/xxxxxxx_passwordstate/exk1123123123123bks4x7/sso/saml?SAMLRequest=......... POSTs to https://internal.pstate.example.com/ 302 -> /default.aspx GET to https://internal.pstate.example.com/default.aspx 302 -> /logins/saml.aspx? GET to https://internal.pstate.example.com/logins/saml.aspx? 302 -> https://company.okta.com/app/xxxxxxx_passwordstate/exk1123123123123bks4x7/sso/saml?SAMLRequest=......... (back to the beginning)
  3. Hi, I am troubleshooting an issue where authentication goes through infinite loop between POST and GET. It was working fine till the issue came up unexpectedly Is there any way to debug this issue on the Passwordstate side? POST URL is going to https://server.com/logins/saml/default.asp GET URL is https://test.onelogin.com/trust/saml2/http-post/sso/* On the passwordstate log file I can see that following URLs are getting referenced GET /default.aspx GET /logins/loginadan.aspx GET /logins/saml.aspx POST /logins/saml/default.aspx On the Onelogin side login is successful for the App. Any guidance is appreciated. Thanks in advance,
  4. Hi, We had a SAML2 setup with Onelogin. Suddenly it stopped working and seems to go through the SAML request loop. Now I wanted to disable the SAML2 and go back to using AD authentication. For some reason it seems it again tries to do the SAML. I went to the System Settings and changed the default authentication back to Manual AD Authentication. It works on the same machine where I have the passwordstate installed i.e. it can do AD authentication. But on the other remote machines it still tries to do the SAML2. Looking forward for some guidance. Thanks,
  5. Hi, With SAML2 in Azure AD in your documentation (Passwordstate_Security_Administrators_Manual.pdf pages 119-125), this works fine but one parameter is missing in Passwordstate: the logout It's not possible to disconnect users only if the user closes his browser. This logout parameter is https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0 Could you set up the logout parameter in the next build of Passwordstate configuration with SAML2 please ?
  • Create New...