My Mautic version is: 4.4.9
My PHP version is: 8.0.29
My Database type and version is: 10.6.12-MariaDB-0ubuntu0.22.04.1
My Setup: Ubuntu 22.04 - LAMP
My problem is: Configured SAML for Azure AD setup. Even the test from Azure AD is successful in issuing a token. After redirect to https://mymauticsite/s/saml/login_check I get a 302 found however it redirects after that to https://mymauticsite/s/login with error message saying - Invalid login. Please verify credentials.
These errors are showing in the log: Nada, absolutely nothing. I am checking errors here: /var/www/mymauticfolder/var/logs. Is there any way to increase the debug level on the SSO logs? If yes which file to edit from where?
Steps I have tried to fix the problem:
I have checked my Attributes mapping and in depth gone through the metadata xml file.
All the attributes go through to my site that are necessary to create a new user upon first login. CORS is setup properly in apache.
Am I missing something special on the Azure side? I changed the nameID to send email address instead, but not sure if this helps?
See attached screenshot for error:
I got this working using advice from here: Microsoft SSO Integration - Solved
So you have to use complete url for attributes as defined in the schema of the metadata xml.
For email I used this: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
For Frist Name I used this: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
For Last Name I used this: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
And since I tend to configure usernames as email (personal choice) I used this fro Username which is optional: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
You define these settings in the Mautic SAML SSO Settings page
This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.
@jasjitchopra would you be open to making an update to our documentation to make this clear for people in the future?
If you go to this page: Authentication — Mautic Documentation 0.1 documentation you could add a section at the bottom for Azure-specific settings.
There’s an ‘edit on GitHub’ button top right of the page which takes you directly to the page you need to edit, then you can click the pencil button to suggest changes.
Happy to help you get started if you’d like to contribute this information to help others!