You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
**SAML Entity ID** should be the URL to your Redash instance
seems to be misleading in quite a lot of cases
This value is used as entity_id in https://github.com/getredash/redash/blob/master/redash/authentication/saml_auth.py#L17 to generate the inline SAML metadata passed to PySAML2
When using Dynamic configuration Redash will directly download the metadata from the configured IdP and from the various cases I've seen the EntityID/entity_id is very rarely the final application homepage i.e. Redash
Here are a few examples:
AWS Identity Center / SSO <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://accounts.google.com/o/saml2?idpid=randomid...
Google Workspace / GSuite <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://portal.sso.region.amazonaws.com/saml/assertion/randomid...
Could the documentation be updated to reflect the Entity ID should be set with the EntityID attribue value found in the metadata XML under the md:EntityDescriptor XML tag ?
The text was updated successfully, but these errors were encountered:
Greetings,
in https://github.com/getredash/website/blob/master/src/pages/kb/user-guide/users/authentication-options.md?plain=1#L95
the line
seems to be misleading in quite a lot of cases
This value is used as
entity_idin https://github.com/getredash/redash/blob/master/redash/authentication/saml_auth.py#L17 to generate the inline SAML metadata passed to PySAML2When using Dynamic configuration Redash will directly download the metadata from the configured IdP and from the various cases I've seen the
EntityID/entity_idis very rarely the final application homepage i.e. RedashHere are a few examples:
AWS Identity Center / SSO
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://accounts.google.com/o/saml2?idpid=randomid...Google Workspace / GSuite
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://portal.sso.region.amazonaws.com/saml/assertion/randomid...example found at https://wiki.geant.org/display/eduGAIN/Basic+IdP+Metadata+Example
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.example.com/idp/shibboleth"example found at https://www.ibm.com/docs/en/tarm/8.8.0?topic=authentication-example-idp-metadata
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://www.okta.com/exkexl6xc9MhzqiC30h7">Could the documentation be updated to reflect the Entity ID should be set with the
EntityIDattribue value found in the metadata XML under themd:EntityDescriptorXML tag ?The text was updated successfully, but these errors were encountered: