Posted: 17 Jan 2022 1:48 EST Last activity: 30 Mar 2022 6:09 EDT
Displaying Login Screen for SAML SSO Login
I am working on a SAML SSO configuration . Below is the configuration at our side
Service Provider is Pega -> Reverse Proxy -> IDP(AAD )
I am facing an issue : when IDP trigger a request to access the application it is pointed to Pega Login page not to the User Portal .
Relay State URL which we receive from IDP as Saml Response is the DNS set by ReverseProxy and which in turn is redirected to the actual Authentication service url (https://(host)/prweb/xx. But the UI displayed to Thirdparty is Pega Login Screen not the Portal .
What Pega send back as message is
you must press the Continue button once to proceed. "
This is set from the Pega OOTB HTML code invoked from assertion service activity .
Even after trying from Chrome too it is same.
We tried login manually but still it is redirected to Login Page .
Pega version what we are using is 7.3
Do we need to change anything in Web proxy side ? web.xml other than x forwarded host setting ?
If any one faced the similar issue request you to help .
Please reply to this .
***Edited by Moderator: Pooja Gadige to change content format from Discussion to Question, add capability tag***
***Edited by Moderator Marije to add Support Case Details***
The error which I am getting is the one we are sending as response .This is set from the SAML Assertion OOTB Activity . This I could find from the logs .But to IDP Pega login screen is displayed not portal .
I have gone through those documents before.
ie IDP is requiring extra parametesr when using HTTP-POST method for the AuthnRequest.
This parameter should be set from IDP? . IDP is AAD in our case can they set it from their side ?
What does that parameter do from pega ? Please elaborate .
Posted: 3 months ago
Posted: 1 Feb 2022 7:02 EST
Marije Schillern (MarijeSchillern)
Senior Knowledge Management Specialist