Add User Login Redirects
Once the Authentication Source is configured, we need to ensure PlaceOS Applications redirect the user to the authentication provider to login.
Prerequisites
PlaceOS Backoffice Administrator Access
Procedure
Login to PlaceOS Backoffice
Navigate to the Domains tab.
Select the Domain for your organisation.
Click on the Edit icon.
Set the login URL to
/auth/login?provider=adfs&id=[ADFS-ID-HERE]&continue={{url}}
, replacing the[ADFS-ID-HERE]
with the authentication source ID created in 'Creating a PlaceOS Authentication Source' instructions, leaving the{{url}}
as is.
Debugging
The first step in this process should be to get the raw request.
Often you can see if a request attribute is not lining up to an attribute statement by inspecting the XML.
You can paste the resulting data into this SAML Decoder
Then paste the XML into Pretty Print (so it’s readable)
There are two methods of getting SSO data, described below:
If you have an account you can use to test
If the client is logging in and you have access to logs
Self Check
Open the Chrome or Firefox inspection tool
Go to the network tab
Select: preserve log
Go through the login flow
The request coming back to the assertion URL is the one you want to inspect.
Assertion URL: /auth/adfs/callback?id=[ADFS-ID-HERE]
Copy and paste the SAML response into the SAML decoder.
Last updated