Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Topics created by ken

K

Unsolved How to make a saml request with php / fusionauth?

Q&A
• • • ken

2

0
Votes

2
Posts

572
Views

D

Hiya,

Yes, you complete a login after the user has logged in at the SAML provider. That's implied, but maybe we should make it a bit clearer.

From https://fusionauth.io/docs/v1/tech/apis/identity-providers/samlv2#complete-a-saml-v2-login

This API allows you to complete a SAML v2 login after the user has authenticated with a SAML v2 identity provider. If you are using the FusionAuth login UI with the SAML v2 button you will not utilize this API directly.

The idea is:
you call start SAML login (the FusionAuth API) you direct the user to the IDP you get the SAML response you pass the SAML response to the complete API call (again, FusionAuth API)
Why not just integrate SAML directly into your application? It's an instance of the identity broker pattern, and having FusionAuth in the middle can allow for a standard interface across SAML and other remote IdP providers.

How you handle steps 2 and 3 is not documented for two reasons.
It might vary widely, depending on the SAML IdP and your configuration. It is expected that as someone who is using the start/complete API and not the FusionAuth hosted login pages, you are familiar enough with SAML to take care of them.
Hope this helps!
K

Unsolved Linking strategy not available anymore?

Q&A
• • • ken

2

0
Votes

2
Posts

379
Views

D

@ken

Hiya,

Sorry, I'm a bit confused.

What version of FusionAuth are you running? Which type of identity provider are you setting up?

I just logged into our sandbox instance: sandbox.fusionauth.io and was able to add an identity provider and edit it and saw the "Linking Strategy" both times.

Thanks,
Dan
K

Unsolved How to get whether user is using sso?

Q&A
• • • ken

2

0
Votes

2
Posts

385
Views

D

@ken Hiya,

I don't think this is currently available via API. The closest issue I could find was this: https://github.com/FusionAuth/fusionauth-issues/issues/1515

I can't commit to a timeline for this feature being built out, however.

Please upvote that and/or add a comment illustrating your use case.
K

Unsolved How to show "Login with SAML" button on our own site for fusionauth application that has sso?

Q&A
• • • ken

2

0
Votes

2
Posts

383
Views

D

@ken

Hiya,

The information about whether an application has an IdP configured for it is stored on the identity provider object, not on the application.

So the easiest way to answer your question is to retrieve all the identity providers (or one, if you have a target), then filter through the JSON looking for your application id.

https://fusionauth.io/docs/v1/tech/apis/identity-providers/#retrieve-all-identity-providers shows how to list all Identity Providers.

If you look at the results, you'll see a field similar to:
"applicationConfiguration": { "1c212e59-0d0e-6b1a-ad48-f4f92793be32": { "createRegistration": true, "enabled": true } },
for each of the identity providers.

The applicationConfiguration has keys, each of which is an application Id.

Does that help?
K

Unsolved How to auto get the first/last name of user on sso external idp samlv2 login? and redirect to our site login handler?

Q&A
• • • ken

2

0
Votes

2
Posts

346
Views

D

@ken Did you get this resolved?

Topics created by ken

Unsolved How to make a saml request with php / fusionauth?

Unsolved Linking strategy not available anymore?

Unsolved How to get whether user is using sso?

Unsolved How to show "Login with SAML" button on our own site for fusionauth application that has sso?

Unsolved How to auto get the first/last name of user on sso external idp samlv2 login? and redirect to our site login handler?